VPN client and Terminal Services or VNC

george.goebel
Level 1

We use split tunneling and policy push the Cisco integrated firewall to the clients. What we noticed is that people using VNC and terminal services can hit the VPN client computer remotely and then bring up a tunnel. We thought the default action of the integrated firewall was to drop all traffic inbound from the Internet to the VPN client PC while the tunnel was up. This doesn't appear to be the case. I'm pretty certain that it is configured correctly. If this is the case then I would say that this is a pretty BIG security issue. Any thoughts appreciated.


ehirsel
Level 6

What you need to do on the VPN client is to enable the stateful firewall. In the GUI, the process is to go to the main menu bar and select Options. Then click on Stateful Firewall (Always On) to turn it on (there will be a check mark if it is enabled). You can also modify the vpnclient.ini file; to do that, add this entry in the [main] section:

StatefulFirewall=1

The part of the GUI name that states "always on" is misleading, as it is off by default. Turning it on will stop all incoming connections to that workstation.

Let me know how it works for you.
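
The following is an added example, not part of the original thread and not Cisco's code: a small Python helper that audits the text of a vpnclient.ini file and enforces `StatefulFirewall=1` in the `[main]` section, as described in the reply above. It assumes section and key names are matched case-insensitively; the sample file contents and the `[other]` section are constructed for illustration.

```python
import re

SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")
KEY_RE = re.compile(r"^\s*StatefulFirewall\s*=\s*(.*?)\s*$", re.IGNORECASE)


def ensure_stateful_firewall(ini_text):
    """Return (new_text, changed) with StatefulFirewall=1 set in [main].

    Edits line by line so unrelated keys and sections are left untouched.
    Output uses "\n" line endings; the caller picks the on-disk convention.
    """
    out, section, main_idx = [], None, None
    found = changed = False
    for line in ini_text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).strip().lower()
            if section == "main" and main_idx is None:
                main_idx = len(out)          # remember where [main] starts
        elif section == "main":
            k = KEY_RE.match(line)
            if k:
                if found:                    # duplicate key: keep only the first
                    changed = True
                    continue
                found = True
                if k.group(1) != "1":        # present but disabled
                    line, changed = "StatefulFirewall=1", True
        out.append(line)
    if not found:                            # key (or whole section) missing
        if main_idx is None:
            out.insert(0, "[main]")
            main_idx = 0
        out.insert(main_idx + 1, "StatefulFirewall=1")
        changed = True
    return "\n".join(out) + "\n", changed


# Constructed sample: firewall disabled in [main]; same key in an unrelated
# section must not be counted or modified.
SAMPLE = "[main]\nSomeOtherSetting=1\nStatefulFirewall=0\n[other]\nStatefulFirewall=0\n"

if __name__ == "__main__":
    text, changed = ensure_stateful_firewall(SAMPLE)
    print("changed:", changed)
    print(text, end="")
```

Write the returned text back only when `changed` is true, so a compliant profile is never rewritten.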