Cisco Support Community
New Member

Inbound VPN Restrictions Scenario

I need to find the best way to configure a VPN connection for one of our clients with some restrictions.

We are moving to an 871, replacing our dying SOHO WatchGuard. The customer currently VPNs in and gets assigned, part of our main network. He has a shared printer (on a PC) that we print orders to.

- customer establishes connection

- we open \\\ and authenticate with a username & password

- we then can use our Accounting software to print to their mapped printer.

I want to change this a little on my end; I cannot change their equipment.

Created a tunnel on the 871 assigning customer (only IP in pool). Using a test machine, I was able to print to a shared PC - just had to modify file/print sharing to include network address.

What I want to make sure is that when the customer connects, they cannot access any services/machines on the network.

The ability to print from any machine on VLAN1 to the remote client should be allowed, along with ICMP. However, all other traffic should be disallowed.

The client's printer is an Okidata Turbo 320 Line printer ... there should be no bi-directional communication.

Any suggestions on the best approach to this?
