Basic XP VPN Connections?

Archived from groups: comp.dcom.vpn (More info?)

This is the setup I have:

My Laptop (Goofy) has three partitions, one of which is shared on my
XP Home network.

My Desktop 1 (Mickey) has four partitions, two of which are shared on
the XP Home network.

My Desktop 2 (Minnie) has three partitions, two of which are shared on
the XP Home network.

My friend has in his house, his laptop running XP Home.

I have set up Desktop 1 (Mickey) to run as the VPN server as I have a
static IP address. No major problems there, and my friend can log in,
but he can see all the shares (ie, both shared partitions on Mickey,
both shared partitions on Minnie and also my shared partition on
Goofy).

How do I restrict what he can see/access via VPN? I only want to give
him access to one partition on Mickey and nothing else, but I do want
all three of my PC's to be able to access all the shares on each
other.

As a total newbie to VPN, any idiots guides would be most welcome.

Many thanks,

--
Bryan Anderson <www.anderson-it.com>
1 answer Last reply
More about basic connections
  1. Archived from groups: comp.dcom.vpn (More info?)

    Bryan Anderson wrote:
    > This is the setup I have:
    >
    > My Laptop (Goofy) has three partitions, one of which is shared on my
    > XP Home network.
    >
    > My Desktop 1 (Mickey) has four partitions, two of which are shared on
    > the XP Home network.
    >
    > My Desktop 2 (Minnie) has three partitions, two of which are shared on
    > the XP Home network.
    >
    > My friend has in his house, his laptop running XP Home.
    >
    > I have set up Desktop 1 (Mickey) to run as the VPN server as I have a
    > static IP address. No major problems there, and my friend can log in,
    > but he can see all the shares (ie, both shared partitions on Mickey,
    > both shared partitions on Minnie and also my shared partition on
    > Goofy).
    >
    > How do I restrict what he can see/access via VPN? I only want to give
    > him access to one partition on Mickey and nothing else, but I do want
    > all three of my PC's to be able to access all the shares on each
    > other.
    >
    > As a total newbie to VPN, any idiots guides would be most welcome.
    >
    > Many thanks,
    >

    Windows XP Home has very little security features. It is basically all
    or nothing. This is basically one of the major differences between the
    XP Home and Pro editions.

    You can hide certain shares somewhat by using a $ character as the last
    part of the share name. This restricts the share from showing up in the
    browse list so they will need to know what the share is called to
    connect to it manually.

    You didn't mention what you are using to create your VPN so I don't know
    if there is any way to restrict the internal IP's that a client can
    connect to. Generally if this is possible on a VPN setup you would
    setup firewall rules on the incoming VPN connection to only allow VPN
    clients to connect to certain IPs in the internal network and have the
    rest blocked by a filter.

    I didn't think that XP Home has the Incoming connection feature (PPTP)
    in the network connections settings but if it does and that is what you
    are using you might be able to change the properties in the connection
    and remove the check box for TCP/IP network properties for "Allow
    callers to access my local area network" to restrict them to only
    connecting to the VPN end point computer. As far as I know this is the
    only level of restriction you can set on the XP Incoming connections VPN
    feature.


    --
    WARNING! Email address has been altered for spam resistance.
    Please remove the -deletethispart-. section before replying directly.
    Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)
Ask a new question

Read More

VPN Desktops Windows XP Networking