VPN for restricting admin access?

Posted on 2009-12-30
Last Modified: 2013-11-05
Hi All,

A friend of mine told me that in their company they are using a VPN gateway to control administrative access to the DMZ in addition to allowing remote access to external users.  According to him they are using it for admin access as VPN gateway encrypts traffic and enforces strong authentication.  I would like to know whether it is a common practice to do this and if not, is there a better solution.

Question by:ISS_Expert
    LVL 12

    Accepted Solution

    This is a valid solution. If you wish, you can set up a VPN which is required to be utilised from inside your network to be able to administer the DMZ. You then set up your firewall rules to only allow access to the admin interface from the VPN addresses.

    This has the advantage of requiring an additional level of authentication to be able to connect to the admin interface rather than simply being inside the network. Other mechanisms could be to have a Terminal Server set up and anyone wanting access to the admin interface has to do this from a session on the TS. Either of these solutions will allow you additional logging and control over the access to the admin interface.

    It isn't a matter of better solutions, but rather different solutions. There will be various trade offs (such as cost, convenience etc) and your requirements will determine what is best for your situation.

    LVL 1

    Author Closing Comment

    Thanks a lot!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now