Locking down VPN client access to LAN resources

[Mike Barry]

How does one go about defining exactly what resources a VPN
client can access on the "home" office LAN?

The network has a Windows 2000 Server domain controller with
DHCP and DNS. There is another server functioning as a fileserver,
and that server is running Windows 2003 Server.

Firewall is a Sonicwall Pro 230. I know how to direct
incoming VPN traffic to one LAN workstation...that's something you
can configure via the Sonicwall. However, all of the resources the
VPN clients will be using are on the Fileserver, and each VPN client
needs access to different folders.

I'm a bit new at this, and I'm at a loss to find a way to do
this. My first thought was to set up local users on the Fileserver
and then define what folders each user had access to.

Any help would be greatly appreciated!

Thanks..

Mike

 

[Jeffrey Randow (MVP)]

You would control the security in the same manner as if they were
connected directly into your network (i.e., use ACLs).

Note that with Win2K3, you can "quarantine" VPN clients to update
security patches, AV patches, etc, before allowing them onto your
network.

Jeffrey Randow (Windows MVP - Networking & Smart Display)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Wiki -
http://www.remotenetworktechnology.com
Smart Display Support - http://www.smartdisplays.net
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone