VPN Security Question

Status
Not open for further replies.

Tomai

Technical User
Dec 4, 2005
4
CA
Hello,

In order for me to get my VPN to work I had to put my server out on the DMZ and turn off all firewalls. I was wondering if there is a way around this, and a way to offer more security to the server and the connection? This makes me a bit nervous because it seems so out in the open.

Thank you!
 
If you have a server that is directly accessible from the Internet with no security device defending it, it will eventually get hacked. In fact it may already be hacked.

I would suggest that if you can't get your VPN working through the firewall then the firewall configuration may not have been 100%. Either that or the firewall is not that good. Even these cheap DSL routers with a built-in firewall support VPN Passthrough out of the box, so I'm surprised you couldn't get this working behind a firewall.

If you must make the server openly accessible to anyone, I would strongly encourage you to at least follow standard server hardening techniques, including a STRONG password (i.e. use some $^%*£ chars in there), closing unnecessary ports, disabling non-essential services, etc.
 
You should definitely not have to do this to get the VPN to work!

You certainly don't want servers out in the open and you certainly don't want all your firewalls turned off! That is a ticking time bomb.

What VPN hardware/software are you using? And for what purpose? I'm sure someone could give you some tips for a significantly more secure setup.

'When all else fails.......read the manual'
 
Currently I am doing just the basic VPN with Windows, the remote access and routing under Administrative Tools. I don't think there is a firewall on the server but I will install one. Is there any recommendation for a good one for servers that's not very complex to configure?

As for the router, it is the D-Link DI-804HV, and the control panel is not very direct, so I had a hard time figuring out where I had to go to open the 1723 port, and I didn't see anything about allowing the GRE protocol either (even though it's supposedly a VPN router).

The only reason I had it on the DMZ was because it was the only way that let me log in; otherwise I'd get the 800 error that it cannot connect to the VPN.

Thanks for all the help everyone, I really appreciate it :)
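An added example, not part of any post in the thread: once TCP 1723 is forwarded to the server instead of placing it in the DMZ, this Python check, run from outside the LAN, confirms the PPTP control channel answers by sending the Start-Control-Connection-Request defined in RFC 2637. The function names and the `probe` host name are made up for illustration, and it does not test GRE (IP protocol 47), which the router has to pass separately.

```python
import socket
import struct

MAGIC = 0x1A2B3C4D   # PPTP magic cookie (RFC 2637)
CTRL_LEN = 156       # request and reply are both 156 bytes
# length, PPTP msg type, cookie, control type, reserved0, version,
# 2 bytes (reserved1 in the request, result+error in the reply),
# framing caps, bearer caps, max channels, firmware, host name, vendor
FMT = ">HHIHHH2sIIHH64s64s"


def build_sccrq(host=b"probe"):
    """Start-Control-Connection-Request, the first message a PPTP client sends.
    The host name "probe" is an illustrative placeholder."""
    return struct.pack(FMT, CTRL_LEN, 1, MAGIC, 1, 0, 0x0100, b"\0\0",
                       1, 1, 0, 0, host, b"")


def parse_sccrp(data):
    """Validate a Start-Control-Connection-Reply; return (ok, detail)."""
    if len(data) < CTRL_LEN:
        return False, "short reply (%d bytes)" % len(data)
    (_len, msg_type, cookie, ctrl, _r0, _ver, res, _f, _b, _ch, _fw,
     host, vendor) = struct.unpack(FMT, data[:CTRL_LEN])
    if cookie != MAGIC or msg_type != 1 or ctrl != 2:
        return False, "not a PPTP Start-Control-Connection-Reply"
    result, error = res[0], res[1]
    if result != 1:  # 1 = control connection established
        return False, "server refused: result=%d error=%d" % (result, error)
    return True, "PPTP server %r (%r)" % (host.rstrip(b"\0"),
                                          vendor.rstrip(b"\0"))


def check_pptp(address, port=1723, timeout=5.0):
    """Connect to the router's public address and try the PPTP handshake."""
    try:
        with socket.create_connection((address, port), timeout=timeout) as s:
            s.sendall(build_sccrq())
            data = b""
            while len(data) < CTRL_LEN:
                chunk = s.recv(CTRL_LEN - len(data))
                if not chunk:
                    break
                data += chunk
    except OSError as exc:
        return False, "TCP %d unreachable: %s" % (port, exc)
    return parse_sccrp(data)
```

A failure from `check_pptp` with the server behind the firewall points at the port 1723 forwarding rule; a success followed by a client that still cannot finish connecting points at GRE not being passed.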
 