General discussion

  • Creator
  • #2285339

    Setting up a VPN


    by stangguykc ·

    My company needs to set up a VPN to a client of ours to run one of their applications off of. We are a call center, and will be setting up appointments for them, so we’ll also be accessing their client database. The client already has a VPN server in place, so will all we need to do is configure a client to access their server to run the application and access the database off of? Obviously we’ll have to open up some ports on our firewall to pass the VPN traffic, but I know how to take care of that anyways. They are wanting to bring a consultant in, because no one in the IT department has personally set one up before, but I think that would be a waste of money because I feel its do-able


All Comments

  • Author
    • #3313300

      Security First

      by razz2 ·

      In reply to Setting up a VPN

      There are a number of issues here.

      Lets go backwards through your post. Yes, it is do-able
      by your IT staff. You will need to work with the remote
      staff to get the tunnel going. You will need to know what
      type of VPN they are running. IPSec, L2TP, PPTP? Are
      they running hardware or software VPN and by whom?
      Permisions will be an issue too. Once you are
      connected that does not give network access, just
      connectivity. Their application may have it’s own
      validation, but you may also need network validation.
      They can answer that.

      VPN endpoints at the server are not what I recommend.
      You will have to open ports on the firewall as you know.
      So, Now your firewall, the security for your network, will
      have a door. These ports will allow any traffic through
      on that port because the validation happens inside the
      wall. A VPN firewall or device is better. Why would you
      not want to stop all traffic at the wall and then only allow
      traffic after they are validated? All hack attempts can
      either hit your servers or the wall first. I know my choice.


Viewing 0 reply threads