Skip First Level Navigation | Skip All Navigation

Agencies | Online Services | Web Policies | Help  Email this page to a friendWatch this page and email me when it is updatedAdd this page to My Maine.gov Links

Home > Services > Firewall > Policy for Internet Client VPN Connection

Policy for Internet Client VPN Connection

Title: Policy for Internet Client VPN Connections
Product: VPN-1 SecuRemote
Description: Limitations and policies for SecuRemote / Internet VPN connections
Date: October 17, 2001; last revised February 11, 2003
File: pdoc3.html
Author: BIS/NSD

- Access via SecuRemote is nearly, but not 100% equivalent to dial up (via IPRS). Microsoft and Novell style file and print sharing as well as LAN logons across the Internet are possible though not currently supported. Transaction based applications work well, including Exchange/Outlook, Oracle, SQL, web based applications and the like.
- Access via SecuRemote is time limited and is neither designed nor intended to be a full time solution.
- Level 1 support is provided by agency (designated) IT staff.
- Level 2 support is provided by BIS to designated agency IT staff with regard to product defects.
- Custom contract services for VPN work is at the published time and materials rate for LAN Support.
- Customers may be required to upgrade client software to maintain compatibility with new VPN systems.
- Customers with a BIS issued RSA/SecurID card are automatically authorized to access this service.
- There are no other charges for VPN service (beyond that for the SecurID card) at this time.
- BIS support is for Windows clients (there is an unsupported client for MacOS).
- BIS supported software and basic instructions can be downloaded from http://inet.state.me.us/oit/services/firewall.
- Problems can arise with ICS and user firewalls. SecuRemote will now work through many of these types of products and devices if the required ports are allowed to pass correctly. You will however need to upgrade your SecuRemote installation in order to enable this feature. It is recommended that you uninstall the old version and then install the new version using the instructions and code found on the link above. SecuRemote has been tested by BIS staff on select Linksys, Netgear and Smoothwall products however we cannot provide support for these products. Both Netgears tested (FVS318 and RP614) required firmware upgrades despite being brand new. Contact your IT staff for assistance in upgrading SecuRemote.
- Note there used to be a problem with DNS name resolution of internal WAN hosts via SecuRemote; this problem is fixed but you may need to upgrade your SecuRemote in order to be able to use the fix. Contact your IT staff for assistance in updating/upgrading SecuRemote.