|
Ok,
sounds like a plausible solution to me. The only reason I asked is that some
commercial VPN solutions lock out all other adapters while being connected to
VPN and re-open them on closure of the VPN
tunnel.
I see. As you've discovered, OpenVPN doesn't.
I advocate keeping the firewall running on your dialup connection, and
any other network connections, at all times. Expose only the ports that
can be positively secured, such as OpenVPN, and keep everything else shut, even
when you're not using the vpn. That keeps your machine secure from worms,
hackers, etc. at all times.
Thinking about this a little more I see that you're connecting from the
laptop to your work machine. Since the connection on the laptop is
initiated outbound, you don't even have to expose the OpenVPN port on the
firewall. Windows XP's firewall will allow outbound connections to occur
unfettered (at least until the SP2 upgrade). ZoneAlarm will ask you
if an outbound connection is ok the first time it occurs, but you'll click
yes after checking the "remember this" checkbox and after that the connection
occurs without interuption. OpenVPN's ping options ensure that either
firewall's stateful packet inspection allows your work machine's traffic inbound
to the laptop once the outbound connection succeeds. So really, all you
need to do to secure this setup is install or enable a firewall and batten all
ports.
Enjoy.
Andrew
|