skipples

Cool. Thanks again for the replies and opinions on this.

oh, i'm sorry. i guess i misread what you were saying about all that. although that is a simple alternative too, it's not the easiest way to the end user maybe? you'd have to setup putty for them, etc. yes, one of them uses xp at home, but the boss uses a mac. i'm a huge user of ssh for all kinds of things so i love that option, but is there any real advantage over that compared to using the web based ssl/vpn adito?

thanks for your reply, sparda. well, i was going to setup the adito on a linux box of course. i guess im confused on your ssh server comment. how would the ssh server, despite for my personal use, be beneficial to the end user in this case? i guess another reason i'd like to use linux+adito to initiate that secure connection is so i can monitor incoming connections to that port/box better. i haven't had the best of luck setting up filters on 2k8's built-in firewall. crap, now you have me second guessing myself. i thought i was on the right track closing off the open port directly to that production server, which houses confidential info at times. it's a necessity for those 2 other people to have direct RD access into it from outside the network, due to the current setup.

hi guys, i am hoping you can help me out with your opinions. so i recently starting to help maintain a network for this very small business. it's very basic. 1 DC/server & 3 workstations. they are all hooked up to 3Com Baseline Switch 2126-G. due to the way it was setup, not by me, the boss + 1 other employee (of the only 3 employees there are) remote desktop into the server directly from outside the lan sometimes. as no vpn was setup for them to securely get into the network, i was thinking of setting up something basic on a headless workstation. i've really enjoyed using Adito as an ssl vpn to rdp over, ever since i heard of it in season 6. the comcast business modem has a built in firewall that we use. for the mean time, i had at least changed the default rdp port to something more obscure. as we all know, that's a no no to leave any port open directly to a server in a network for a business, despite it not passing any login info in cleartext over the connection in windows server 2008's rdp. so my question is: i want to implement a small adito vpn server. i can easily set it up, but will this be better than what is currently setup...? (layout below) isp ---> modem(built-in firewall) ---> switch ---> workstations + vpn server. if i were to leave the only 1 open port to the network pointing to the vpn/adito server, that would still be better than the way it's currently setup, right? let me know if i need to make myself a bit more clear thanks!