Hello,
I have a question about the security implecations of putting a RAS sever on
a fire wall. We are running firewall 1 on a stand alone pc. I am exploring the
idea of putting RAS services on that machine to allow remote access via the internet. Some of my superiors have reservations about doing this and using RAS period. Some believe that it will allow direct access to our server.
My proposed plan is to put RAS on the firewall and have station restrictions
for added security. This way, a user must supply the correct username and password,
and be on an approved station and RAS user in order to gain remote access to our system.
From my understading, a user accessing the system via RAS will have no more rights than if they connected via the LAN.
The remote user would connect to an ISP then use the RAS client to connect to one of our public IP addresses to gain authentication and access to our network. Hopefuly this would provide a low cost, secure remote access method for our users.
