Solved

How Does this happen?  Remote Desktop MSTSC connects to SonicWall WAN address and then straight to our Terminal Server

Posted on 2014-02-07
4
382 Views
Last Modified: 2014-02-10
We have a SonicWall TZ210, a Domain, a LAN with a Terminal Server and all works rather well.

Recently we distributed some laptops to our field staff and I installed SonicWall GVPN clients so they could log in to the SonicWall, authenticate as a SonicWall user, get a virtual local IP and run MSTSC to access our Terminal Server.
All that works PERFECTLY.

A few weeks later to my GREAT SURPRISE the notebook users tell me they no longer use the GVPN client because they can type in the WAN Address of the SonicWall ( which they read from the gvpn setup) IN  MSTSC and it then simply prompts for their Domain user credentials and pops them right into the Terminal Server.

While I am not a complete newbie to SonicWalls ( I support 5 of them around town) I was surprised and would like some more experienced SonicWall users to comment or give me some insight as to what is allowing this to happen.
0
Comment
Question by:azpete
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39842718
Is the FW port forwarding to the terminal server? That what it sounds like it is doing.
0
 

Author Comment

by:azpete
ID: 39842796
Yes, I just spoke with the IT person who first setup the Sonicwall and he informed me that originally they did that for convenience of a vendor.  
I can look at where that happens in the FW but it does appear to be one step LESS secure.
Agreed ?
0
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 39842814
Yes, it is one step less secure. I would always require the users to VPN into the network first and then remote to a server from there. I even use this same design for my home network. Minimum ports open from the external side.
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39847011
Hi azpete,

Agreed. Even if you lock down the Source IPs you are still susceptible to man-in-the-middle attacks. With VPN access for your vendors you can then terminate access whenever, explicitly control what they have access to and even setup a schedule to allow access only at specific times.

Let me know if you have any other questions!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question