I thought you liked Licorice? ;-) Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Wednesday, July 20, 2005 10:21 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Question for the Gallery regarding VPN access > > http://www.ISAserver.org > > Yeh - and you're a terrible landlord, too... > ;-p > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Wednesday, July 20, 2005 06:44 > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Question for the Gallery regarding VPN access > > http://www.ISAserver.org > > Hi Jim, > > GREAT! Its funny that I never thought of this until after I asked the > question re: Server Publishing Rules. And here you mirrored > the thought > I had for the first time today. > > You're not one of the voices in my head, are you? > > Tom > www.isaserver.org/shinder > Tom and Deb Shinder's Configuring ISA Server 2004 > http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > > Sent: Wednesday, July 20, 2005 8:15 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: Question for the Gallery regarding VPN access > > > > http://www.ISAserver.org > > > > 1. stop trying to server-publish file shares (and web shares) > > 2. use raw protocols that don't tolerate NAT (SvrPub) > > 3. authenticate the user (SvrPub can't) > > 4. reduce the ISA (and upstream) attack surface > > 5. quarantine, baby! > > > > -----Original Message----- > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > Sent: Wednesday, July 20, 2005 6:03 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Question for the Gallery regarding VPN access > > > > http://www.ISAserver.org > > > > Hey guys, > > > > I want to do an article on how you can use the ISA firewall > to provide > > fined-tuned access control for VPN users. > > > > To make is as topical as possible (within the limits of my > > abilities and > > time), what are the top three reasons for you to give users > VPN access > > to your network instead of creating Web or Server Publishing Rules? > > > > Thanks! > > Tom > > www.isaserver.org/shinder <http://www.isaserver.org/shinder> > > Tom and Deb Shinder's Configuring ISA Server 2004 > > http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> > > MVP -- ISA Firewalls > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: > > jim@xxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > All mail to and from this domain is GFI-scanned. > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >