Jim Lawrence
accessd at shaw.ca
Thu May 5 11:47:13 CDT 2011
Hi Steve: You will note that you can only access the VPN via a computer setup to run over the VPN. I can not enter 10.0.0.15 and access your VPN specifically because that IP range can only be used within an intranet. The VPN just extends that capability to computers that may be remote. Check also that the VPN station does not also supply the username and password to ease access. The environment in which you describe is fairly typical for a lot of companies. In one company, once logged into the VPN, a person can see every node in 40 states and 12 provinces and you could easily print an invoice to some printer in Georgia. Though this is not a very secure system it is fairly common. You should be able to go into the VPN client on the stations and remove the auto login feature. For a further general information, on VPNs go to OpenVPN website (http://openvpn.net/) and though the documentation is specific to the product it is standard in its features and scope. Jim PS First backup anything you are fixing as it can be easy to lose important credentials. -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Steve Erbach Sent: Thursday, May 05, 2011 7:35 AM To: Discussion of Hardware and Software issues Subject: [dba-Tech] Remote Desktop on a server Dear Group, The network guy who set up my client's Windows 2003 Server also set up remote access. He used a public DNS outfit to create a domain name which is what we use for VPN. Then he also set up one of the network adapters with an internal IP address of 10.0.0.15...so when one runs Windows Remote Desktop, the IP address to type in is 10.0.0.15. Fine. This all works. The only problem is (well, not the ONLY problem...the network guy went to jail and has been incommunicado since...and I have only a simple knowledge of network protocols and such) that the VPN setup isn't set up properly. I say that because this morning I discovered that one can simply fire up Windows Remote Desktop, type in the real IP address, and log right in. (One additional problem is that the owner of the company has network administrator rights...but NO PASSWORD!!??!!!) So my question is, what do I have to do to ensure that Remote Desktop access ONLY goes through the VPN? Do we have to set up the VPN from the server itself? I thought that that had been done, but now I'm not so sure. Regards, Steve Erbach Neenah, WI _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com