SSH tunnel question
Ben Scott
dragonhawk at gmail.com
Thu Feb 28 11:33:38 EST 2008
On Thu, Feb 28, 2008 at 10:59 AM, Neil Joseph Schelly
<neil at jenandneil.com> wrote:
> It's thinking like that that means my wife can't print an email when she logs
> onto her work VPN network to check email or enter hours into their system.
> It's your network to do what you want with it, but I just wanted to vent that
> your administration method would annoy the hell out of me.
FWIW: That (forcing all traffic over the VPN when the VPN is up) is
generally done because a VPN connection is a network connection. If
you don't isolate the client, you create a huge, gaping hole through
the corporate firewall. Needless to say, that's usually a Really Bad
Idea. It may annoy the hell out of you, but going out of business
because Something Nasty penetrated the firewall is more annoying to
more people.
The other approach is to heavily firewall the client (thus extending
the corporate security perimeter to include the client), but then the
client likely wouldn't be able to print to your local network printer
anyway.
-- Ben
More information about the gnhlug-discuss
mailing list