terminal servers + freebsd firewall

Paul Civati paul at xciv.org
Wed Jan 24 19:46:25 GMT 2001


[ Not quite sure what this has to do with FreeBSD.. ;) but copied
  to the list as people might find it interesting ]

David,

>    has anyone managed to have terminal servers running and having
> a firewall up ? I have been giving the task of setting up a firewall
> that will allow ppl to use the terminal servers.

Having ascertained that we're talking about Windows TS and/or
Citrix, and not a dialup terminal server..

Well, I always shudder at the idea of letting applications through
the firewall.  I think this is a prime candidate for user VPNs into
your network.  Get this sorted, and then people will be able to
use all kinds of applications, without you having to add more
filter holes every time some new requirement raises its ugly head.

Some firewalls (eg. Firewall-1) have built-in functionality for
client VPN connections.

Alternatively you can set up a PPTP gateway inside your network
and allow the relevant ports in/out.  For clients the PPTP adapter
is included in Win98/NT/2000, you'll need DUN 1.3 for Win95.

> Also we have an exchange server and they want to be able to access
> their email throught the web side of exchange.

Then you want Microsoft Web Outlook, which provides an Outlook type
interface in a web browser (works over SSL too, if you don't want
your email passing across networks in the clear).

> Has any had the same type of task ?

Yep.. ;) life in a corporate IT dept. has its challenges, although
the NT ones aren't mine, only the network and UNIX ones. :)

-Paul-




More information about the Ukfreebsd mailing list