Encrypted RPC and firewalling

Matthew Huff mhuff at ox.com
Thu Nov 10 13:38:35 UTC 2011


Also,

Most enterprises that support Exchange remote access use RPC over HTTPS which is encrypted and easy to allow on the firewall.

----
Matthew Huff             | 1 Manhattanville Rd
Director of Operations   | Purchase, NY 10577
OTA Management LLC       | Phone: 914-460-4039
aim: matthewbhuff        | Fax:   914-460-4139


> -----Original Message-----
> From: Valdis.Kletnieks at vt.edu [mailto:Valdis.Kletnieks at vt.edu]
> Sent: Thursday, November 10, 2011 7:51 AM
> To: Lasse Birnbaum Jensen
> Cc: nanog at nanog.org
> Subject: Re: Encrypted RPC and firewalling
> 
> On Thu, 10 Nov 2011 09:56:51 +0100, Lasse Birnbaum Jensen said:
> > I would like to know how you guys handle encrypted rpc across
> firewalls.
> 
> You can always just set the firewall to ban RPC in general, whether or
> not it's encrypted (while you're there, close off ports 137-139 and
> other chucklehead stuff like that), and just make the user who's
> outside the firewall VPN in.  That's a nice, simple, well-understood
> configuration that almost all software and even most users can handle.
> 
> (We don't actually do a big monolithic firewall box - but pretty much
> everything has an iptables ruleset loaded that says "if your source IP
> isn't inside our 2 /16s, your packets go bye bye".  And there's a nice
> PPTP-based VPN solution in place that even a humanities professor
> emeritus can use ;)
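
The host-level policy described in the quoted reply (accept only sources inside the site's own prefixes, drop everything else) can be checked against a saved ruleset. The following is an added example, not code from either poster: the two /16 prefixes, the function names and both `iptables-save` excerpts are constructed placeholders, and only the INPUT chain of the IPv4 filter table is examined.

```python
import ipaddress
import shlex

# Constructed placeholders for "our 2 /16s"; the post does not give the real prefixes.
TRUSTED = [ipaddress.ip_network(n) for n in ("10.1.0.0/16", "10.2.0.0/16")]

def opt(tokens, flag):
    """Value following an iptables option, or None if the option is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens[:-1] else None

def audit(dump):
    """Return findings for the INPUT chain of an iptables-save dump."""
    policy, rules, findings = None, [], []
    for line in dump.splitlines():
        tok = shlex.split(line.strip())
        if tok and tok[0] == ":INPUT":
            policy = tok[1]
        elif tok[:2] == ["-A", "INPUT"]:
            rules.append(tok)
    for tok in rules:
        if opt(tok, "-j") != "ACCEPT" or opt(tok, "-i") == "lo":
            continue
        state = opt(tok, "--ctstate") or opt(tok, "--state")
        if state and "NEW" not in state.split(","):
            continue  # replies to connections this host already allowed
        src = opt(tok, "-s")
        if "!" in tok:
            findings.append("negated match, review by hand: " + " ".join(tok))
        elif src is None or not any(
                ipaddress.ip_network(src, strict=False).subnet_of(n) for n in TRUSTED):
            findings.append("ACCEPT reachable from outside trusted prefixes: " + " ".join(tok))
    last = rules[-1] if rules else []
    if policy != "DROP" and not (last[2:3] == ["-j"] and last[3] in ("DROP", "REJECT")):
        findings.append("INPUT chain has no default drop")
    return findings

# Constructed iptables-save excerpts (table header and COMMIT lines omitted).
GOOD = """:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.1.0.0/16 -j ACCEPT
-A INPUT -s 10.2.0.0/16 -j ACCEPT
"""
WEAK = """:INPUT ACCEPT [0:0]
-A INPUT -s 10.1.0.0/16 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 135 -j ACCEPT
-A INPUT -p udp -m udp --dport 137:139 -j ACCEPT
"""
```

`audit(GOOD)` returns an empty list; `audit(WEAK)` reports the two unrestricted ACCEPT rules (the RPC endpoint mapper port and 137-139) plus the missing default drop.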
