Sign in with
Sign up | Sign in
Your question

Firewalls on VPNs - Best Practice Advice

Last response: in Windows XP
Share
Anonymous
July 26, 2005 2:34:17 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,

I'm running Windows XP SP2 with the Windows Firewall turned "on" as default
for all connections.

I use the PC for connecting to various remote networks via VPN. Having
previously been advised (http://tinyurl.com/cej6f) that Firewalling VPN
connections is not recommended, I've turned off Windows Firewall
specifically for these VPN connections in the

My question regards the fact that whenever I connect to a network via VPN,
that Windows Security Centre "warns" me that the connection is not
firewalled. What would be the best practice to stop this behaviour? Turing
off warnings altogether (i.e. "I have a Firewall Solution I'll monitor
myself" tick-box within Security Centre) is not preferred as I would like to
continue being warned if my Firewall has been turned off for LAN or Wi-Fi
connections, but not for VPN connections.

Any advice much appreciated.

Regards,

Richard Tubb.
www.netlinktrading.co.uk
July 26, 2005 2:34:18 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

The link you provided discussed the old XP Firewall ICF which preceded SP2.
ICF was a very poor firewall implementation and difficult to configure. The
Windows Firewall introduced in SP2 is a much better product (though I prefer
better 3rd party firewalls) and it is not necessary nor recommended to
disable it for your VPN connection.
--

"Richard Tubb" <richard@netlinktrading.co.uk> wrote in message
news:unrayUckFHA.2444@tk2msftngp13.phx.gbl...
> Hi,
>
> I'm running Windows XP SP2 with the Windows Firewall turned "on" as
> default for all connections.
>
> I use the PC for connecting to various remote networks via VPN. Having
> previously been advised (http://tinyurl.com/cej6f) that Firewalling VPN
> connections is not recommended, I've turned off Windows Firewall
> specifically for these VPN connections in the
>
> My question regards the fact that whenever I connect to a network via VPN,
> that Windows Security Centre "warns" me that the connection is not
> firewalled. What would be the best practice to stop this behaviour? Turing
> off warnings altogether (i.e. "I have a Firewall Solution I'll monitor
> myself" tick-box within Security Centre) is not preferred as I would like
> to continue being warned if my Firewall has been turned off for LAN or
> Wi-Fi connections, but not for VPN connections.
>
> Any advice much appreciated.
>
> Regards,
>
> Richard Tubb.
> www.netlinktrading.co.uk
>
Anonymous
July 27, 2005 4:28:05 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,

Thanks for posting!

Please help me know if you want to make the IT person manage the remote DC
via Remote Desktop? As Mike said, you may want to enable "Allow logon
through Terminal Services" to let him logon to the DC.

Some information for your reference:
278433 Accessing Terminal Services Using New User Rights Options
http://support.microsoft.com/?id=278433

278666 Error Message When You Try to Connect to a Terminal Server Computer
http://support.microsoft.com/?id=278666

Hope the information helps. If there is anything that is unclear, please
feel free to let me know.

Thanks & Regards,

Jason Tan

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| Reply-To: "Richard Tubb" <richard@netlinktrading.co.uk>
| From: "Richard Tubb" <richard@netlinktrading.co.uk>
| Subject: Firewalls on VPNs - Best Practice Advice
| Date: Tue, 26 Jul 2005 10:34:17 +0100
| Lines: 26
| Organization: Netlink Trading Ltd.
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| Message-ID: <unrayUckFHA.2444@tk2msftngp13.phx.gbl>
| Newsgroups: microsoft.public.windowsxp.work_remotely
| NNTP-Posting-Host: 82-36-82-59.cable.ubr03.harb.blueyonder.co.uk
82.36.82.59
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.work_remotely:12490
| X-Tomcat-NG: microsoft.public.windowsxp.work_remotely
|
| Hi,
|
| I'm running Windows XP SP2 with the Windows Firewall turned "on" as
default
| for all connections.
|
| I use the PC for connecting to various remote networks via VPN. Having
| previously been advised (http://tinyurl.com/cej6f) that Firewalling VPN
| connections is not recommended, I've turned off Windows Firewall
| specifically for these VPN connections in the
|
| My question regards the fact that whenever I connect to a network via
VPN,
| that Windows Security Centre "warns" me that the connection is not
| firewalled. What would be the best practice to stop this behaviour?
Turing
| off warnings altogether (i.e. "I have a Firewall Solution I'll monitor
| myself" tick-box within Security Centre) is not preferred as I would like
to
| continue being warned if my Firewall has been turned off for LAN or Wi-Fi
| connections, but not for VPN connections.
|
| Any advice much appreciated.
|
| Regards,
|
| Richard Tubb.
| www.netlinktrading.co.uk
|
|
|
Related resources
Anonymous
July 27, 2005 4:30:06 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I am sorry. Please ignore my previous wrong message.




--------------------
| Newsgroups: microsoft.public.windowsxp.work_remotely
| From: v-jasont@online.microsoft.com (Jason Tan (MSFT))
| Organization: Microsoft
| Date: Wed, 27 Jul 2005 12:28:05 GMT
| Subject: RE: Firewalls on VPNs - Best Practice Advice
| X-Tomcat-NG: microsoft.public.windowsxp.work_remotely
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
|
| Hi,
|
| Thanks for posting!
|
| Please help me know if you want to make the IT person manage the remote
DC
| via Remote Desktop? As Mike said, you may want to enable "Allow logon
| through Terminal Services" to let him logon to the DC.
|
| Some information for your reference:
| 278433 Accessing Terminal Services Using New User Rights Options
| http://support.microsoft.com/?id=278433
|
| 278666 Error Message When You Try to Connect to a Terminal Server Computer
| http://support.microsoft.com/?id=278666
|
| Hope the information helps. If there is anything that is unclear, please
| feel free to let me know.
|
| Thanks & Regards,
|
| Jason Tan
|
| Microsoft Online Partner Support
| Get Secure! - www.microsoft.com/security
|
| =====================================================
|
| When responding to posts, please "Reply to Group" via your newsreader so
| that others may learn and benefit from your issue.
|
| =====================================================
| This posting is provided "AS IS" with no warranties, and confers no
rights.
|
| --------------------
| | Reply-To: "Richard Tubb" <richard@netlinktrading.co.uk>
| | From: "Richard Tubb" <richard@netlinktrading.co.uk>
| | Subject: Firewalls on VPNs - Best Practice Advice
| | Date: Tue, 26 Jul 2005 10:34:17 +0100
| | Lines: 26
| | Organization: Netlink Trading Ltd.
| | X-Priority: 3
| | X-MSMail-Priority: Normal
| | X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| | X-RFC2646: Format=Flowed; Original
| | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| | Message-ID: <unrayUckFHA.2444@tk2msftngp13.phx.gbl>
| | Newsgroups: microsoft.public.windowsxp.work_remotely
| | NNTP-Posting-Host: 82-36-82-59.cable.ubr03.harb.blueyonder.co.uk
| 82.36.82.59
| | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
| | Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windowsxp.work_remotely:12490
| | X-Tomcat-NG: microsoft.public.windowsxp.work_remotely
| |
| | Hi,
| |
| | I'm running Windows XP SP2 with the Windows Firewall turned "on" as
| default
| | for all connections.
| |
| | I use the PC for connecting to various remote networks via VPN. Having
| | previously been advised (http://tinyurl.com/cej6f) that Firewalling VPN
| | connections is not recommended, I've turned off Windows Firewall
| | specifically for these VPN connections in the
| |
| | My question regards the fact that whenever I connect to a network via
| VPN,
| | that Windows Security Centre "warns" me that the connection is not
| | firewalled. What would be the best practice to stop this behaviour?
| Turing
| | off warnings altogether (i.e. "I have a Firewall Solution I'll monitor
| | myself" tick-box within Security Centre) is not preferred as I would
like
| to
| | continue being warned if my Firewall has been turned off for LAN or
Wi-Fi
| | connections, but not for VPN connections.
| |
| | Any advice much appreciated.
| |
| | Regards,
| |
| | Richard Tubb.
| | www.netlinktrading.co.uk
| |
| |
| |
|
Anonymous
September 7, 2005 7:31:20 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,

GTS and co, thanks for all the advice on this subject. I'm now using SP2
Windows Firewall turned "on" for VPN sessions with the appropriate
exceptions for File Sharing, etc. as required without any problems.

Regards,

Richard Tubb.
www.netlinktrading.co.uk

"GTS" <x> wrote in message news:eWN4lUekFHA.3300@TK2MSFTNGP15.phx.gbl...
> The link you provided discussed the old XP Firewall ICF which preceded
> SP2. ICF was a very poor firewall implementation and difficult to
> configure. The Windows Firewall introduced in SP2 is a much better
> product (though I prefer better 3rd party firewalls) and it is not
> necessary nor recommended to disable it for your VPN connection.
> --
>
> "Richard Tubb" <richard@netlinktrading.co.uk> wrote in message
> news:unrayUckFHA.2444@tk2msftngp13.phx.gbl...
>> Hi,
>>
>> I'm running Windows XP SP2 with the Windows Firewall turned "on" as
>> default for all connections.
>>
>> I use the PC for connecting to various remote networks via VPN. Having
>> previously been advised (http://tinyurl.com/cej6f) that Firewalling VPN
>> connections is not recommended, I've turned off Windows Firewall
>> specifically for these VPN connections in the
>>
>> My question regards the fact that whenever I connect to a network via
>> VPN, that Windows Security Centre "warns" me that the connection is not
>> firewalled. What would be the best practice to stop this behaviour?
>> Turing off warnings altogether (i.e. "I have a Firewall Solution I'll
>> monitor myself" tick-box within Security Centre) is not preferred as I
>> would like to continue being warned if my Firewall has been turned off
>> for LAN or Wi-Fi connections, but not for VPN connections.
>>
>> Any advice much appreciated.
>>
>> Regards,
>>
>> Richard Tubb.
>> www.netlinktrading.co.uk
>>
>
>
!