  • Status: Solved

Mapping a Drive?

We have a sales guy working in another city. We want to give him access to one drive, but not let him remote access in. Is VPN the only way to handle this or is there any other way? Couldn't he map a drive by IP address and we open certain ports on our firewall?
0
LeviDaily
1 Solution
 
nodisco Commented:
If he has a static public IP address you "could" open up the IP of the machine and get him to pull information over it, but I would definitely recommend using a VPN instead. A VPN would be encrypted, so if the data transfer were to be hacked it would be unreadable to the hacker.
0
 
nodisco Commented:
Sorry, posted before finishing!

Considering you have a firewall, I would certainly use it to its full advantage. You could set up a user pool of addresses that he would be assigned on VPN'ing in and then give access to the sole share that he needs, and nothing else.
0
 
LeviDaily (Author) Commented:
We are using RAS on a 2000 box for firewall. We have a public NIC card and a private NIC card. So don't I need another NIC card for VPN? Doesn't VPN take up a whole NIC card?
0
 
kosmoraios Commented:
No, not at all. You'll be fine with one NIC.

Have you looked into terminal services instead of RAS? That would solve your problem neatly.

SafeNet's SoftRemote is a good software VPN solution.
0
 
nodisco Commented:
LeviDaily,

My fault - I assumed you were using a hardware-based firewall. I am not familiar with VPN over RAS on 2000 so could not give you advice on how to configure same... but you don't need a second NIC for it.

Does the sales person need to copy files or just view them? You could enable RDP for them on the firewall and let them remote desktop into the 2000 box and allow their username access to just one share... just a thought.
0
 
beaconlightboy Commented:
For roaming users you generally use a combination of a VPN appliance and VPN mobile software client. This is because you really don't want your staff carrying around a VPN box and they generally work best with dedicated IPs. Your VPN appliance would then distribute the IPs of your choice to that remote client after they authenticated. VPNs are the best choice because you should never open a port to the outside world that is not protected.

We use WatchGuard products to connect mobile users and remote sites. They work great for us.
0
 
LeviDaily (Author) Commented:
What do you mean terminal services instead of RAS, aren't they totally different?
0
 
nodisco Commented:
Seconds too late!
0
 
LeviDaily (Author) Commented:
Thanks a lot for your help.
0
 
2hype Commented:
You would have to go the VPN route. The VPN will give you the security that is needed to access remote files.

The port you will open is port 445, if you just wanted to map a drive. This is not a recommended port to open though. This port is what worms like Sasser and Korgo target.


Here is a link that explains how to create a VPN with only one nic.

http://www.experts-exchange.com/Networking/Q_21415576.html
0
 
beaconlightboy Commented:
Terminal services is an excellent means of serving remote clients. We use our WatchGuard VPNs to provide terminal services to all our remote sites. Works great and reduces the need for travelling. I still recommend TS over VPN though. I wouldn't open up a TS server to the public.
0
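
An added example, not part of the original thread or of any product mentioned in it: a small firewall rule audit reflecting the advice above, where port 445 and Terminal Services are reachable only from the address pool handed out by the VPN. The rule tuple format, the pool 10.8.0.0/28 and every sample rule are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: the pool of addresses the VPN assigns to the remote user.
VPN_POOL = ipaddress.ip_network("10.8.0.0/28")
# Ports discussed in the thread: 445 (mapped drive) and 3389 (standard RDP port).
SENSITIVE_PORTS = {445: "SMB file sharing", 3389: "RDP / Terminal Services"}

# Constructed sample rules: (name, action, source CIDR, protocol, dest port)
RULES = [
    ("pptp-vpn",        "allow", "0.0.0.0/0",       "tcp", 1723),  # VPN endpoint itself
    ("sales-share",     "allow", "10.8.0.0/28",     "tcp", 445),   # only VPN clients
    ("map-drive-by-ip", "allow", "203.0.113.25/32", "tcp", 445),   # static public IP
    ("ts-public",       "allow", "0.0.0.0/0",       "tcp", 3389),  # TS open to everyone
    ("wide-range",      "allow", "10.8.0.0/16",     "tcp", 445),   # broader than the pool
    ("block-smb",       "deny",  "0.0.0.0/0",       "tcp", 445),
]


def audit(rules, vpn_pool=VPN_POOL, ports=SENSITIVE_PORTS):
    """Return (rule name, port, reason) for every allow rule that exposes a
    sensitive port to a source not fully contained in the VPN pool.
    Each rule is judged on its own; rule ordering is not modelled."""
    findings = []
    for name, action, source, proto, port in rules:
        if action != "allow" or proto != "tcp" or port not in ports:
            continue
        src = ipaddress.ip_network(source)
        # subnet_of is True only when every source address is inside the pool,
        # so a range that merely overlaps the pool is still reported.
        if src.subnet_of(vpn_pool):
            continue
        scope = "any address" if src.prefixlen == 0 else str(src)
        reason = f"{ports[port]} reachable from {scope}, not only VPN pool {vpn_pool}"
        findings.append((name, port, reason))
    return findings


if __name__ == "__main__":
    for name, port, reason in audit(RULES):
        print(f"[!] rule '{name}' (tcp/{port}): {reason}")
```
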
