How to setup even more restricted permissions for VPN users on 2K RRAS

B

Barry

I have a 2K RRAS server setup so some clients can VPN into our intranet and
do what they need to do. Is there any way to setup better access rules so a
client that may only need access to one or two boxes doesn't necessarily
have free access to all of our servers? Yes, I know they would still need
to authenticate, but I don't like them even getting that far.

Thank you in advance,

Barry
 
H

Herb Martin

IPSec can help with this -- IPSec can do three things by a rule:
negotiate actual IPSec, PASS or BLOCK.

Block can be used as a "better filter" to allow/deny certain protocols
to/from certain address ranges.
 
W

Wajihy [MSFT]

yes on the remote access policy that will authenticate them you can add Ip
filters to allow them only to specific resources.
 
B

Barry

Perfect, thank you.

Wajihy said:
yes on the remote access policy that will authenticate them you can add Ip
filters to allow them only to specific resources.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows 2003 Server, RRAS & VPN mistake 1
basic rras setup 2
2K RRAS not routing for vpn clients 3
Help with Site-to-site VPN using 2k3 RRAS 2
RRAS (for VPN) and IIS on the same server? 3
RRAS, NAT & External VPN Problem 3
VPN restrictions 2
RAS VPN 1 Nic Routing? Problem 8

Top