how safe are VPN users

I'm in the middle of setting up a webspace service (using VPN and sharepoints through samba) to allow people to connect through a vpn and get access to their own network drives.

While different people are connected to the VPN, they are obviously in the same address pool (or LAN) as other users from around the world. Can those internal users sniff / hack into each other's computers just as easy as if there was no VPN, or does the VPN offer better security in that scenario. The only obvious thing it will do, is block out anyone who is not logged into the VPN itself, but that doesn't necessarily mean that our users are going to be saints ...

Any suggestions or feedback on security for this topic would be greatly appreciated.

-Mel
melligeorgiouAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
trinak96Commented:
The easiest way around this would be to NOT allow computers on the same subnet (your remote clients) to be able to communicate with eachother.
Or if their VPN software clients then do NOT put same subnet traffic into the protected routes.
Basically you create the "interesting traffic" to your main site only and deny same subnet communication. This way the traffic will not be pushed to the tunnel.


0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
 
melligeorgiouAuthor Commented:
Sounds good .. I'm using Mac OS X Server 10.4 for the VPN, and I'm not sure how to block same subnet communication. There doesn't seem to be anything in the GUI that lets me do this, so it's probably a terminal procedure..

Can anyone help me with this?

Thanks,

-Mel
0
 
trinak96Commented:
I dont know about the Mac setup unfortunately.
Your better off raising a new question and adding it to the Mac Zone.
0
 
melligeorgiouAuthor Commented:
Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.