04-13-2008 10:16 PM
Hi!
I would like to protect the host that initiates the VPN connection from the VPN network, but can't think of a way to do it.
It would look something like this:
VPN connection with firewall
VPN-client---->SPI-firewall----->Tunnel---->VPN-server
This is most certainly possible to do if one has access to the VPN-server and puts the firewall on that side. I have connections to quite a few different VPN-servers but I don't control any of them. I would like to deny any traffic coming from the remote network to the host that's not "Related, Established".
04-18-2008 05:59 AM
It is better to create a customized firewall to fit your organization's security policy. You should determine which Cisco IOS security features are appropriate and configure those features. At a minimum, you must configure basic traffic filtering to provide a basic firewall.
04-18-2008 06:17 AM
As I said in my first post, I don't have access to the servers, only the client application. The servers aren't within the organization, therefore I want to protect the organization network from the one on the remote end. Another thing that makes this problematic is that there are quite a few connections used simultaneously to different domains. I solved that issue by using VMs. Now I just need to find a way to protect those VMs.
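An added example, not part of any post in this thread: one way to get the "Related, Established"-only behaviour on the client side is to filter on the tunnel interface inside each VM. It assumes a Linux VM with iptables and conntrack; the interface name `tun0`, the chain name `VPN-IN` and the function name `gen_tunnel_rules` are made up for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset that treats the VPN tunnel
# as untrusted. Connections the client opens keep working (their replies are
# ESTABLISHED, ICMP errors are RELATED); anything the remote network
# initiates towards the client is dropped.
# Assumptions: Linux, netfilter conntrack, tunnel interface given as $1.

gen_tunnel_rules() {
    tun_if="$1"
    # Refuse empty names and anything outside a conservative character set,
    # so the value can be placed in the ruleset without quoting problems.
    case "$tun_if" in
        ''|*[!A-Za-z0-9_.-]*)
            echo "invalid interface name" >&2
            return 1
            ;;
    esac
    # VPN-IN is a user-defined chain (hypothetical name). INPUT covers traffic
    # to the VM itself, FORWARD covers the case where the VM routes for others.
    # The INVALID rule is redundant with the final DROP but keeps its own counter.
    cat <<EOF
*filter
:VPN-IN - [0:0]
-A INPUT -i $tun_if -j VPN-IN
-A FORWARD -i $tun_if -j VPN-IN
-A VPN-IN -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A VPN-IN -m conntrack --ctstate INVALID -j DROP
-A VPN-IN -j DROP
COMMIT
EOF
}

# Stand-alone use: print the ruleset for the interface named on the command line.
# Check it first:  sh this_script tun0 | iptables-restore --noflush --test
# Load it (root):  sh this_script tun0 | iptables-restore --noflush
# Loading twice appends the INPUT/FORWARD jumps a second time, so load once per boot.
if [ "$#" -gt 0 ]; then
    gen_tunnel_rules "$1"
fi
```

The rules only match packets arriving on the tunnel interface, so the VM's other interfaces and all outbound traffic are left as they were.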