moregti
asked on
Route external user to specific IP in a VPN.
I have a VPN configured using Microsoft SBS 2003 in a AD environment. Everything is working fine but I want to limit the user to be able to connect to his machine only. Right now, once a user connects to the VPN, he can Remote Desktop to any machine in the network including the server (though he needs the username/password). What can I do to prevent this from happening?
What I want is to have a user "John", to be able to join a VPN, and he can only Remote Desktop to his machine only (I know his machine has to be static IP) and NOT ANY OTHER machine in the network.
What I want is to have a user "John", to be able to join a VPN, and he can only Remote Desktop to his machine only (I know his machine has to be static IP) and NOT ANY OTHER machine in the network.
Create a remote access policy in routing and remote access. Only allow RDP to his workstation and block everywhere else.
ASKER
Thanks for the reply neoponder. I tried creating a new policy and I don't see the option to allow RDP and deny everything is located. This network is going to have more than one user connecting to it. Do I have to create a new policy for each user? (once I figure out how to do it that is)
Thanks in advance.
Thanks in advance.
best performence
Internet----PIX------Netge ar1------- Servers, Plotters, Heavy Users
|
|
|
Netgear2--------More users
Upliink the dlink to netgear one and put people you don't like on it.
Internet----PIX------Netge
|
|
|
Netgear2--------More users
Upliink the dlink to netgear one and put people you don't like on it.
My asci was shifted the netgear 2 should be attached to the pix
Internet----PIX------Netge ar1------- Servers, Plotters, Heavy Users
|
|
Netgear2--------More users
Internet----PIX------Netge
|
|
Netgear2--------More users
Oh well, attache the netgear 2 to netgear 1
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wow thanks all of you guys for helping. Neoponder, I see your solution that would be the best way to go but it is way too complicated for me :p. And RPPreacher, wow I didn't even think of that. I did it that way and all problem solved. Thank you all!!
Lai
Lai