Hi all,
I'd like your advice, comments, shoulds, shouldn'ts on the following please.
I have to provide remote access for various members of staff (managers,
directors, anyone else with friends in high places...... )
If possible, these users would like to access their network drives and all other
internal services as if at their desk.
Our network is based entirely on TCP/IP (i.e. netbios over ip, no IPX etc).
Now, this can be provided using RAS on NT but should this RAS box be in the DMZ
?
Should the RAS give out IPs from a different subnet than the internal network
and then get NATed to the internal?
I'm guessing I SHOULD avoid using FW as RAS (gasps of shock at the idea ?)
Or........
Could I justify denying this service and allow only access to everything except
network drives (such as Notes,
Telnet, Oracle ...) via a dial up scenario through Linux for example.
So I gues I'm asking
Is the use of RAS on NT (hardened as much as possible) safe ?
Should it be in the DMZ ?
Failing that where would I put a dial up linux box?
Sorry if I sound confused. It's Friday afternoon.
Thanks in advance
Garry Armour
Sys Admin
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
