Basic XP VPN Connections?

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

This is the setup I have:

My Laptop (Goofy) has three partitions, one of which is shared on my
XP Home network.

My Desktop 1 (Mickey) has four partitions, two of which are shared on
the XP Home network.

My Desktop 2 (Minnie) has three partitions, two of which are shared on
the XP Home network.

My friend has in his house, his laptop running XP Home.

I have set up Desktop 1 (Mickey) to run as the VPN server as I have a
static IP address. No major problems there, and my friend can log in,
but he can see all the shares (ie, both shared partitions on Mickey,
both shared partitions on Minnie and also my shared partition on
Goofy).

How do I restrict what he can see/access via VPN? I only want to give
him access to one partition on Mickey and nothing else, but I do want
all three of my PC's to be able to access all the shares on each
other.

As a total newbie to VPN, any idiots guides would be most welcome.

Many thanks,

--
Bryan Anderson <www.anderson-it.com>

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

Bryan Anderson wrote:
> This is the setup I have:
>
> My Laptop (Goofy) has three partitions, one of which is shared on my
> XP Home network.
>
> My Desktop 1 (Mickey) has four partitions, two of which are shared on
> the XP Home network.
>
> My Desktop 2 (Minnie) has three partitions, two of which are shared on
> the XP Home network.
>
> My friend has in his house, his laptop running XP Home.
>
> I have set up Desktop 1 (Mickey) to run as the VPN server as I have a
> static IP address. No major problems there, and my friend can log in,
> but he can see all the shares (ie, both shared partitions on Mickey,
> both shared partitions on Minnie and also my shared partition on
> Goofy).
>
> How do I restrict what he can see/access via VPN? I only want to give
> him access to one partition on Mickey and nothing else, but I do want
> all three of my PC's to be able to access all the shares on each
> other.
>
> As a total newbie to VPN, any idiots guides would be most welcome.
>
> Many thanks,
>

Windows XP Home has very little security features. It is basically all
or nothing. This is basically one of the major differences between the
XP Home and Pro editions.

You can hide certain shares somewhat by using a $ character as the last
part of the share name. This restricts the share from showing up in the
browse list so they will need to know what the share is called to
connect to it manually.

You didn't mention what you are using to create your VPN so I don't know
if there is any way to restrict the internal IP's that a client can
connect to. Generally if this is possible on a VPN setup you would
setup firewall rules on the incoming VPN connection to only allow VPN
clients to connect to certain IPs in the internal network and have the
rest blocked by a filter.

I didn't think that XP Home has the Incoming connection feature (PPTP)
in the network connections settings but if it does and that is what you
are using you might be able to change the properties in the connection
and remove the check box for TCP/IP network properties for "Allow
callers to access my local area network" to restrict them to only
connecting to the VPN end point computer. As far as I know this is the
only level of restriction you can set on the XP Incoming connections VPN
feature.


--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)