Greetings!
"Cessna, Michael" schrieb:
> I'm assuming that you are running MS Exchange, so access to port 135
> is needed for the Outlook client to connect correctly. I'm assuming
> that you have remote employees that also need to access their email
> when not in the office. I have the same setup and a good way to
> protect you network is to use the Secure Remote client.
One good thing about Checkpoint's FW-1 is that you can filter to let
MSX-connections through only - theoretically. The FW1's definition of
the MSX protocol checks for the RPC number only (if I understand
correctly). So limit your VPN access to just the services needed, too.
Do NOT allow the wide (general) TCP/135 if you only need MSX. But maybe
you need access for your NT-Administrators - and thus full TCP/135.
In any case:
good luck &
be careful
Volker
--
Volker Tanger <[EMAIL PROTECTED]>
Wrangelstr. 100, 10997 Berlin, Germany
DiSCON GmbH - Internet Solutions
http://www.discon.de/
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
