[vpn] Is it risk to allow Internet access through VPN??

dgillett at deepforest.org dgillett at deepforest.org
Thu Dec 20 05:27:42 EST 2001

On 19 Dec 2001, at 14:19, pathak at hitechprofessionals.co wrote:

> Hello:
> Our VPN clients are passing through Firewall to 
> access LAN. But they are unable to access internet 
> when they are connected to VPN. Our border router 
> is configured to allow traffic from LAN only.
> Can anyone tell me about the potential risk factors in 
> allowing VPN clients to access internet through VPN 
> and then Firewall?
> Thanks,
> Jignesh

  The nastiest risk is that, with the firewall doing NAT, anything 
they send to the Internet will *appear* to be coming from your 
trusted network.

  (I had a remote user on a cable modem start up Norton pcAnywhere 
while they were VPN-connected.  The 253 other cable-modem subscribers 
in the same Class C block would have seen *our firewall* scanning 
them if I'd had it configured to allow that traffic to pass....)

David Gillett

VPN is sponsored by SecurityFocus.com

More information about the VPN mailing list