We are trying to setup VPN connection for remote user (home DSL/Cable) to corporate network.
First off, what is best practice:
We are all Win2k environment with Win2k remote users. Firewall is still on Win NT 4.0 WS SP5. Firewall-1 4.1 SP3 is currently use. Is it best practice to use VPN capability of FW-1 or setting-up VPN on one win2k server internally??? PROS & CONS please.
So if we take the FW-1 solution, we need to buy the VPN module and set-it up by someone else since we are total newbie at managing VPN-1. From what I read, it look simpler to setup a VPN server internally with win2k and add rules to the FW-1 to let proper services/ports in/out pass. What would be those services/ports we need to let pass and will it be possible to NAT those connection to the internal VPN server that use 10.1.0.0 base address?
And I guest we will need some authentication method at the FW-1 level?
And for last, in your guts feeling, what would you trust most as more secure, FW-1/VPN-1 solution or Win2k (MY) solution? (no new hardware/software, we need to work with what we currently have)
Best Regards
Steph
*============================================================================================* L'information confidentielle incluse dans ce courrier �lectronique s'adresse uniquement � la personne, physique ou morale, vis�e. Toute utilisation, copie, divulgation ou distribution non autoris�e de ce document est strictement interdite. Si vous n'�tes pas la personne concern�e par cette transmission �lectronique, veuillez d�truire ce document et nous aviser par courriel ou par t�l�phone au (450)641-1434. Les opinions �mises dans ce courriel ne repr�sentent pas n�cessairement des opinions v�hicul�es par Dessin Structural B.D. inc. *============================================================================================* The confidential Information contained in this e-mail is intended only for the person or entity to which it is addressed. Any use, disclosure, copying or distribution of this document is prohibited and may be unlawful. If you are not the intended recipient, please destroy this document and notify us by e-mail or by phone (450)641-1434. Any opinions contained within this e-mail are not necessarily the opinions of B.D. Structural Design inc. *============================================================================================*
