[VPN] SAP support through VPN
Travis Watson
travis at traviswatson.com
Tue May 25 01:42:26 EDT 2004
Buenas.
There aren't any obvious security problems with your scenario, but VPN clients
don't like to play together nicely, as a general rule. The Cisco client will
probably not work with the Nortel client on the same machine (or Netscreen
with Windows, etc.). I can see problems with that. If everyone is on the
same network, it might be cheaper and easier to just use a VPN-capable device
and make IPSec b2b tunnels--though I understand that your business partners
may not have devices in place for that.
Regards,
Travis
On Wednesday 19 May 2004 01:55 pm, venicio_boas at br.schindler.com wrote:
> Dear all
>
> My company intend to use SAP remote support through the RAS VPN
> according to the picture below. The company which povide te share support
> service already use diffrent clients for accessing different customers :
> Cisco client
> Netscrren client
> Windows VPN client
> Nortel client
>
> at the some internal machine. They passed us the following information
> about RA VPN of them:
>
> Access to customers using Internet based VPNs are done through an isolated
> link to Internet and each workstation that needs the access is mapped to
> an individual valid network address.
>
> All workstations and VPN client used is configured to avoid multiple
> tunnels and the connection to service provider corporate network while a
> VPN tunnel remains active.
>
> To improve security, no routes are added to this isolated internet link,
> except those that match our customers VPN gateway addresses.
>
> Scalability is obtained through a 34 Mbps internet link without usage
> limitation
>
>
>
>
>
>
> I would like to question if using these clients and the
> configuration above, are there security risks in contract this share
> service and which possible tests we should make for assuring that we won´t
> have problems in the future ?
>
> Thank you for any hints.
>
>
> Venicio Vilas-Bôas
> Elevadores Atlas Schindler S/A
> Tel. 55 11 6120-5431
More information about the VPN
mailing list