Jump to content

Question

Posted

I was wondering if anyone could shed some light on the best way to configure secure access to a hosted webserver for administration (RDP, file transfers, etc.). Would running AD/NPS for PPTP(PEAP) be the way to go or are there better options?

Share this post


Link to post
Share on other sites

7 answers to this question

  • 0

Posted

So your hosted webserver is a member of your AD? Or is the DC in a AD?

I would just use ssh, public key auth is pretty freaking secure. And I can do anything I want via a ssh connection to that server. Without saying this is a no brainer if not using windows as your OS. A bit harder to get ssh up and running on windows box.

Share this post


Link to post
Share on other sites
  • 0

Posted

[quote name='BudMan' timestamp='1352035519' post='595295853']
So your hosted webserver is a member of your AD? Or is the DC in a AD?
[/quote]

Sorry, I should have specified. What I had in mind was, the webserver(server 2008 r2 std) running it's own domain with nothing else as a member of that domain, running AD purely to authenticate incoming PPTP VPN connections.

I can't believe I didn't think of SSH though. That's what I get for trying to admin while running on no sleep.

Thanks, Bud.

Share this post


Link to post
Share on other sites
  • 0

Posted

"running AD purely to authenticate incoming PPTP VPN connections."

That is a bit overkill ;)

Share this post


Link to post
Share on other sites
  • 0

Posted

I've got a VPN server running on server 03 R2 (Routing and Remote Access) without AD running and it works fine, local users can connect to it.

Share this post


Link to post
Share on other sites
  • 0

Posted

SSH Wouldn't work on Windows OS really.

Share this post


Link to post
Share on other sites
  • 0

Posted

Sure it would - couple of ways to run ssh on windows.

Here is version - not free http://www.bitvise.com/ssh-server-download for commercial, put FREE for personal.

here if free version - http://mobassh.mobatek.net/

Here is openssh port to windows
http://sshwindows.sourceforge.net/

etc.. etc.. etc.. Or just run in VM for that matter, or run it inside cygwin. Or just change to linux/bsd, if your wanting to serve up HTTP, wtf you using windows for in the first place ;)

Share this post


Link to post
Share on other sites
  • 0

Posted

[quote name='BudMan' timestamp='1352041635' post='595295999']
"running AD purely to authenticate incoming PPTP VPN connections."

That is a bit overkill ;)
[/quote]

Nah. :D

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.