Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 389
  • Last Modified:

How Does this happen? Remote Desktop MSTSC connects to SonicWall WAN address and then straight to our Terminal Server

We have a SonicWall TZ210, a Domain, a LAN with a Terminal Server and all works rather well.

Recently we distributed some laptops to our field staff and I installed SonicWall GVPN clients so they could log in to the SonicWall, authenticate as a SonicWall user, get a virtual local IP and run MSTSC to access our Terminal Server.
All that works PERFECTLY.

A few weeks later to my GREAT SURPRISE the notebook users tell me they no longer use the GVPN client because they can type in the WAN Address of the SonicWall ( which they read from the gvpn setup) IN  MSTSC and it then simply prompts for their Domain user credentials and pops them right into the Terminal Server.

While I am not a complete newbie to SonicWalls ( I support 5 of them around town) I was surprised and would like some more experienced SonicWall users to comment or give me some insight as to what is allowing this to happen.
0
azpete
Asked:
azpete
  • 2
1 Solution
 
SouljaCommented:
Is the FW port forwarding to the terminal server? That what it sounds like it is doing.
0
 
azpeteAuthor Commented:
Yes, I just spoke with the IT person who first setup the Sonicwall and he informed me that originally they did that for convenience of a vendor.  
I can look at where that happens in the FW but it does appear to be one step LESS secure.
Agreed ?
0
 
SouljaCommented:
Yes, it is one step less secure. I would always require the users to VPN into the network first and then remote to a server from there. I even use this same design for my home network. Minimum ports open from the external side.
0
 
Blue Street TechLast KnightsCommented:
Hi azpete,

Agreed. Even if you lock down the Source IPs you are still susceptible to man-in-the-middle attacks. With VPN access for your vendors you can then terminate access whenever, explicitly control what they have access to and even setup a schedule to allow access only at specific times.

Let me know if you have any other questions!
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now