Firewall on VPN-client.

Unanswered Question
Apr 13th, 2008

Hi!

I would like to protect the host that initiates the VPN connection from the VPN network, but can't think of a way to do it.

It would look something like this:

VPN connection with firewall

VPN-client---->SPI-firewall----->Tunnel---->VPN-server

This is most certainly possible to do if one has access to the VPN-server and puts the firewall on that side. I have connections to quite a few different VPN-servers but I don't control any of them. I would like to deny any traffic coming from the remote network to the host that's not "Related, Established".

aghaznavi Fri, 04/18/2008 - 05:59

It is better to create a customized firewall to fit your organization's security policy. You should determine which Cisco IOS security features are appropriate, and configure those features. At a minimum, you must configure basic traffic filtering to provide a basic firewall.

AndreasJo Fri, 04/18/2008 - 06:17

As I said in my first post, I don't have access to the servers, only the client application. The servers aren't within the organization, therefore I want to protect the organization network from the one on the remote end. Another thing that makes this problematic is that there are quite a few connections used simultaneously to different domains; I solved that issue by using VMs. Now I just need to find a way to protect those VMs.
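Added example, not part of the thread: one way to get the "Related, Established" behaviour on the client side without touching any VPN server is a stateful filter bound to the tunnel interfaces. It assumes each client or VM runs Linux with iptables and the conntrack match, and that the tunnels appear as interfaces such as `tun0`; the function and chain names are made up for the illustration.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that lets a VPN client
# accept only reply traffic from its tunnel interfaces.
# Assumptions (not from the thread): Linux client or VM, iptables with the
# conntrack match, tunnel interfaces named like tun0/tun1.

# valid_ifname NAME -> 0 if NAME is a plausible interface name, else 1
valid_ifname() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]   # Linux IFNAMSIZ allows 15 visible characters
}

# vpn_client_ruleset IFACE... -> ruleset on stdout, 1 on a bad name
vpn_client_ruleset() {
    [ "$#" -gt 0 ] || { echo "usage: vpn_client_ruleset IFACE..." >&2; return 1; }
    for ifc in "$@"; do
        valid_ifname "$ifc" || { echo "bad interface: $ifc" >&2; return 1; }
    done
    echo '*filter'
    echo ':VPN_IN - [0:0]'
    # Replies to connections the client opened, plus related traffic
    # (for example ICMP errors), are allowed back in.
    echo '-A VPN_IN -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
    # Everything else arriving from the remote network is dropped.
    echo '-A VPN_IN -j DROP'
    for ifc in "$@"; do
        # INPUT protects the client itself; FORWARD protects anything the
        # client routes for (e.g. the organization network behind it).
        echo "-I INPUT -i $ifc -j VPN_IN"
        echo "-I FORWARD -i $ifc -j VPN_IN"
    done
    echo 'COMMIT'
}

# Print the ruleset only when interfaces are given on the command line.
if [ "$#" -gt 0 ]; then
    vpn_client_ruleset "$@"
fi
```

The output is meant to be reviewed and then loaded as root with `iptables-restore --noflush` so existing rules are kept. Loading it twice inserts the jump rules twice, so apply it once per boot or after the tunnels come up.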
