Cisco concentrator clients and Nortel VPN clients on the private interface of the PIX are able to use software VPN clients and log onto external VPN devices. Is there a way to ensure that these connections will not be permitted by default?
This will deny port 500 from leaving the inside network.
Hope that helps...