I have successfully configured several VPN connections between my LAN and those of some of my clients using Vigor ADSL routers. I have used DES-MD5 so the data is encrypted so am relatively happy with the tunnelling using L2TP but my question is concerning the security of data on the networks using the default firewall settings. At present it seems that NAT is the only thing protecting the workstations. There is a default filter in the firewall settings that blocks TCP/IP /UDP on ports 137-139 and 53. I have also changed the default port for remote access of the router and the VPN connections are between fixed stated IP addresses.
How can I acertain whether the security settings are secure or what can I do to further improve scurity?