VPN connection to my internal servers

-

hi there

what have:

  • our network consist in cisco router holds public static ip address , nat local network, , vpn service
  • the domain server windows server 2008 standard r2 x32, has static local ip address.
  • i want clints acces adc server, in win 2008 r2
  • the client machines windows xp sp3 x86.

want:
  • encrypted connection.
  • authentication.
  • secure, server contains valuable work.

hi harishk ,

 

before move on, confirm following information you:

1.       does cisco router hold nat , vpn service?

2.       could tell me “ adc server” ?

3.       what dc’s os version? because in windows server 2008 r2 have not x32 version.

 

i thought may security suggestion clients access internal server via vpn external networking.

if misunderstand please let me know.

 

>encrypted connection.

layer 2 tunneling protocol (l2tp) on internet protocol security (ipsec) connections recommended strongest encryption.

>authentication.

the secure method of authentication extensible authentication protocol-transport level security (eap-tls) when used in conjunction smart cards.

>secure, server contains valuable work.

use microsoft baseline security analyzer (mbsa) utility.

microsoft baseline security analyzer (mbsa) easy-to-use tool designed professional helps small- , medium-sized businesses determine security state in accordance microsoft security recommendations , offers specific remediation guidance.

 

for more detail information, please article below

 

security recommendations vpn

 

http://technet.microsoft.com/en-us/library/cc995071.aspx

 

enterprise security best practices

 

http://technet.microsoft.com/en-us/library/dd277328.aspx#elaa

 

microsoft baseline security analyzer

 

http://technet.microsoft.com/en-us/security/cc184924.aspx

 

thanks

 

tiger li



Windows Server  >  Platform Networking



Comments

Post a Comment

Popular posts from this blog

Edit Group Policy

-
i have pc has power settings pushed out default domain policy in ad environment. of course on local machine "some settings managed system adminstrator". the machine temporarily no longer in contact domain controller (it's been physically moved , not on same network now) can't updated gpo settings. i believe if edit local group policy won't make difference because of group policy processing , precedence. since it's temporary away ad network, still want use settings of ad user. is there somewhere in registry stored can edit power plan manually until can sync domain? (i need prevent sleeping while plugged in - it's set 1 hour) thanks! allen crist i found site: http://gpsearch.azurewebsites.net/#7916 i able add policy to hkey_local_machine\software\policies\microsoft\power using specs found on site. looks solved issue. i'll report if didn't. thanks! allen crist ...
Read more

Hyper-V VM not reaching OS 'Logon' screen

-
i trying migrate vm vmware hyper-v. so far have done following (seemingly successfully): prepare vmware vm conversion hyper-v format (vhd) within vmware workstation 8.0 environment following steps guide: http://social.technet.microsoft.com/forums/en/winserverhyperv/thread/ef8c12f7-c45d-442e-9a30-c43cd87df3b3   (i.e. remove vm tools, add new ide hard disk…) use vmdk2vhd application convert individual vmdk files vhd ones create new vm in hyper-v exporting in 3 newly converted vhd files at point have checked settings , powered on vm in hyper-v find although windows begins load expected manages reach screen prior login screen saying either of following messages: “windows starting up…” “the active directory rebuilding indices… please wait” to knowledge, albeit limited in area, vm should present me login screen since appears in vmware. if start vm in safe mode can login not desired affect. below details of vm: operating system: windows server 2003 (enterprise edit...
Read more

DNS question...

-
i new setting dns server....my domain name expl. "domain.com"....i set "a" record in forward lookup for  www.domain.com itself...."server's local ip"....i've added no other zones , i seem able resolve names except own....www.domain.com.....also, do i put my isp's dns ip's....for external dns's server can't resolve?....forwarding or in nic setup?......i want setup in my dns server don't have include them on client side..... thanks mark     not put isp dsn server address in settings on nic dc or clients. should point local dns server on dc. set dns forward public dns, such isp. bill Windows Server  >  Network Infrastructure Servers
Read more