On 13 April 2013 19:22, Wayne Stallwood <ALUGlist@digimatic.co.uk> wrote:
Unless of course you want to force them through some proxy/content filtering etc or you want to tunnel their internet access for privacy/security reasons because their connection to the net is less trusted than the endpoint's
It's the latter. There's a Windows server with remote desktop enabled but firewalled to prevent access except from a handful of static IPs, which is fine except anyone who needs access from a dynamic IP has a problem. They lived with it until one of the engineers upgraded to BT Infinity not realising that you can't get a static IP on a domestic package (I think it was an extra £25/mo to upgrade to business account with static IP), at which point using a "spare" server for this VPN was suggested. The users configure their VPN connection not to use the remote gateway then add a static route via the VPN for that one server's IP only. There's actually nothing of interest on the VPN itself. For added security I guess it could be configured to only route traffic to that server's IP though? Mark -- Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450 Registered in England (0456 0902) @ 13 Clarke Rd, Milton Keynes, MK1 1LG