I have a question about what I am reading in the PDM for my PIX 501. When I look under access rules I see the following:
Source any, destination network internal local Term server and VPN server, interface outside, service pptp
This means to me that the local IP address is allowed to be used as a VPN server if accessed from the outside.
Then under translation rules I see the following:
Interface inside, address internal Terminal server and VPN server address, interface outside, address external address we access the VPN from.
This means to port from the internal IP to the external IP when it connects out.
I also see the following under access rules: Source any, destination network internal local Term server and VPN server, interface outside, service 3389/tcp
This means that the same server as above not only has the pptp port but also terminal server, and to me this is not a good thing.
And then finally under translation rules: Interface inside, address internal Terminal server and VPN server address port 3389, interface outside, address external address we access the VPN from.
Same as the pptp translation, but this one is for term server.
I inherited this PIX and this network as a side job and I haven't used a PIX before, but I managed to upload the PDM to view this configuration. If I want to set up my Terminal server/VPN server to be accessed a little more securely from the internet then I think I only need to open the pptp port to this device and then close the terminal server port. Is this correct? Thanks for your help.