How to allow outside access to internal pc securely

130 pts.
Tags:
Check Point
Firewalls
Network security
Networking
Switches
VLAN
Hi all, I need to allow an outside service engineer connect to a machine tool (PC attached) to run diagnostics on my network. What's the best way to allow him temperorily access to this internal pc? This will probably only happen a few times a month, so access doesn't have to be enabled permanently. I have a checkpoint firewall and use HP procurve managed switches. Should I be setting up a rule on the firewall or setting up a VLAN on the switch? Or some combination? Not sure how best to approach this? Thanks in advance, Paul

Answer Wiki

Thanks. We'll let you know when a new response is added.

Setting up a VPN (Virtual Private Connection) is a trivial matter to set up and provides an encrypted tunnel (link) for remote workers. If you are running Windows Server it is set up under Routing and Remote Mangement. It can even be set up on a standalone XP (probably 2000 and lower as well) workstation by creating an advanced connection in the Create New Connection wizard (Accept incoming connections.) You’d just have to route port 1723 (default PPTP port) to whichever computer is accepting the connections. You’ll also need to have a user set up to be able to connect remotely – this is done under the Dial-in tab on their user account.

#######Added by Kb3cgj#####

I usually recommend Logmein.com. You can setup a free account and give the engineer access to it. When he is done trouble-shooting..simply delete the account and uninstall the software….They have a number of good products.

Nick

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Guys I would NEVER NEVER suggest that you use sites such as logmein/gotomypc to access an Internal server…. You’re allowing access from yet ANOTHER 3rd party into your network by doing this…. it only takes one disgruntled employee at a 3rd party service to do something stupid and bang goes your network security!!

You need to set up a fully encrypted VPN, send them over the client or however you choose to do it, and pull them through your firewalls with severe restrictions!! You can always set up times for this access to reduce risk.

Amanda

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Buddyfarr
    another good tool is gotomypc. It works great and we have had engineers use it to dial into our systems before. It can be found at www.gotomypc.com
    6,850 pointsBadges:
    report
  • Billb3
    Hamahi is another free & easy to setup vpn... https://secure.logmein.com/products/hamachi/vpn.asp?lang=en Clients for Windows, Mac & Linux
    20 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following