Fwd: TechTip: What's a VPN, Anyway?

Joseph S D Yao jsdy at COSPO.OSIS.GOV
Tue Sep 19 17:54:34 EDT 2000


On Tue, Sep 19, 2000 at 03:26:16PM -0400, Andrew Chen wrote:
> I found this on SearchSecurity.com's mailing list - thought it might
> be a relevant reply to David Rudolph's "VPN disables access to local
> corporate LAN" message.
>
> >Subject: TechTip: What's a VPN, Anyway?
> >Date: Tue, 19 Sep 2000 15:20:45 -0400

More directly to the point ... Mr. Rudolph's VPN client is behaving the
way a VPN client should, to maximize VPN/LAN security.  If his machine
could be on both the local LAN and the remote LAN simultaneously, it
could conceivably form a bridge of some kind between the two.  If his
machine is locked down so that it only appears to be on one of the two
networks at a time, this risk is reduced.

Most - I am told, all - IPsec clients used to allow this kind of dual
access.  I understand that more either don't allow it, or allow the
VPNmeister to specify whether it is allowed.

--
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list