Re: RV220W pptp vpn security issue

cwfsite · ‎07-07-2011

I created a subnet (e.g 192.168.9.1 - 192.168.9.5) for pptp VPN, and disable remote management in firewall. While someone (e.g 192.168.9.1)use pptp VPN entry to my local newtwork, some security issues need help :

1) why VPN user (192.168.9.1) should access my firewall (e.g 192.168.1.1) even I disable remote management in firewall ? I would like to said it is a backhole at pptp VPN for hacker to try my router login, it is not security.

2) how to control pptp VPN user(192.168.9.1) to access(block) my others subnet VLAN, the VPN user seems no restrict to access my others vlan, it is dangerous also.

cwfsite · ‎07-10-2011

I test a case last night.

I create a valn (192.168.5.100 - 192.168.5.254) and disable inter-vlan, it represents I want to isolate this valn, and deny others vlan to access this isolate vlan.

Under this isolate vlan contain a NAS web server (e.g 192.168.5.100), as I use PPTP VPN login to my local network and get internal ip (192.168.9.100), I am not understand why the VPN user (192.168.9.100) can access my isolate vlan NAS web server ( 192.168.5.100) ?