I need to find the best way to configure a VPN connection for one of our clients with some restrictions
We are moving to a 871, replacing our dying SOHO WatchGuard. The customer currently VPN's in and gets assigned 10.0.0.249/24, part of our main network. He has a shared printer (on a PC) that we print orders to.
- customer establishes connection
- we open \\10.0.0.249\ and authenticate with a username & password
- we than can use our Accounting software to print to their mapped printer.
I want to change this a little on my end, I cannot change their equipment.
Created a Tunnel on 871 assigning customer 192.168.230.249/24 (only ip in pool). Using a test machine, I was able to print to a shared PC - just had modify file/print sharing to include network address.
What I want to make sure is that when the customer connects, they cannot access any services/machines on the network.
The ability to print from any machine on VLAN1 to the remote client should be allowed, along with icmp. However, all other traffic should be disallowed
The clients printer is an Okidata Turbo 320 Line printer ... there should be no bi-directional communication.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...