|
Posted by S. Pidgorny on January 30, 2008, 4:21 am
If you were Registered and logged in, you could reply and use other advanced thread options
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
> dold@96.usenet.us.com wrote:
>
>>
>>>controls and install IPSec VPN software with strong encryption on
>>
>>
>> Where is the other end of the VPN? He doesn't have file sharing turned
>> on
>> for either PC.
>>
>
> If high security is a top priority, I was suggesting that he establish
> the desktop as a VPN endpoint. This would also entail a separate segment
> for the wireless VPN (separate NIC or perhaps using the USB connection
> to the AP/router). I assume the desktop O/S is XP-Pro; my experience
> doing this is with Win2k. Filters to pass only AH and ESP and ICMP
> would be needed on the wireless i/f. Doing this on a Windows O/S
> under cygwin and with ported unix code is possible, but I would
> really recommend adding and obsd box as a border router and running
> ISAKMPD for the wireless segment. This is just my personal approach.
> I assume there are native MS solutions for this as well, (L2TP and
> less secure methods?). I am replying as a reader of alt.internet.wireless
> and my suggestions come from experience building similar small VPNs
> as described. All of this presumes that the O.P. has really serious
> security concerns.
>
> Michael
| 
XML site map