Not sure if this is the right forum for this questions. I have a vpn concentrator 3005 with it's private interface connected to a dmz interface on my pix. The public interface to a hub hanging off my router facing the internet.
I have a vlan set-up on our core switch (4507) that contains servers that are used for our application developers. Our applications developers are able to access their servers by connecting and authenticating to our concentrator. The are given an ip and then access to their particular servers are controlled via the pix.
I would like to prevent the developers from being able to transfer any data from the development server to their computer they are using to make the vpn connection.
Transfer how? Secure copy, ftp, CIFS? There are multiple ways to transfer files and if the developers really want them, they will find a way to get them. Block the ports on the firewall or create a policy on the Concentrator to block ports will be your best bet.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...