[VPN] Use of VPN

shannong shannong at texas.net
Tue Apr 1 21:39:49 EST 2003 

BTW...The Pix can do inbound user authentication before allowing a user
access to a resource.  Therefore, you could create a public access IPs
for the web server/s and configure the Pix to authenticate inbound web
sessions.  SSL would provide encryption of course.  The Internet at
large would not have access to the servers, but rather only those users
with valid credentials verified via RADIUS/TACACS+.  This is much easier
than providing and supporting VPN access for web servers.

-----Original Message-----
From: vpn-admin at lists.shmoo.com [mailto:vpn-admin at lists.shmoo.com] On
Behalf Of Bruce.CTR.Aron at faa.gov
Sent: Thursday, September 05, 2002 11:55 AM
To: Kejvan Redjamand
Cc: vpn at lists.shmoo.com
Subject: Re: [VPN] Use of VPN


The app is on the company Intranet (internal Web), so people outside the
company normally can't see or use the app.  But in selected cases, the
company wants selected people to be able to get to the app but nothing
else
on the Intranet.  A complicating factor is that the company Intranet is
not
on one Web server -- there are multiple Web servers in multiple
geographical locations.  So a Web server access lists wouldn't help much
either.  And people may be using AOL or similar that don't have a static
IP
address for the client/user.

Bruce


 

                      Kejvan Redjamand

                      <kejvan at cdg.chalm        To:       Bruce CTR
Aron/ASO/CNTR/FAA at FAA                   
                      ers.se>                  cc:
vpn at lists.shmoo.com                               
                                               Subject:  Re: [VPN] Use
of VPN                              
                      09/05/2002 01:47

                      PM

 

 





Hi
It seems that it may be done by CGI, APS,.. on a webserver with access
restrictions, Why use VPN if web based?

Kejv

On Thu, 5 Sep 2002
Bruce.CTR.Aron at faa.gov wrote:

> Subject: [VPN] Use of VPN
>
> I have one basic question -- is it possible to use VPN such that the
remote
> user has access to only one server (IP address) rather than everything
on
> the company intranet?
>
> The specific situation I am looking at is how best to allow "trusted"
> non-company people to get inside the company intranet to access one
> specific Web-based program and yet not let them get at the rest of the
> company intranet.
>







_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn

More information about the VPN mailing list