On 13 April 2013 19:22, Wayne Stallwood ALUGlist@digimatic.co.uk wrote:
Unless of course you want to force them through some proxy/content filtering etc or you want to tunnel their internet access for privacy/security reasons because their connection to the net is less trusted than the endpoint's
It's the latter.
There's a Windows server with remote desktop enabled but firewalled to prevent access except from a handful of static IPs, which is fine except anyone who needs access from a dynamic IP has a problem. They lived with it until one of the engineers upgraded to BT Infinity not realising that you can't get a static IP on a domestic package (I think it was an extra £25/mo to upgrade to business account with static IP), at which point using a "spare" server for this VPN was suggested. The users configure their VPN connection not to use the remote gateway then add a static route via the VPN for that one server's IP only.
There's actually nothing of interest on the VPN itself.
For added security I guess it could be configured to only route traffic to that server's IP though?
Mark