
VPN3005 Lan2Lan, permit access to one host on subnet only?

siefert
Level 1

Hello,

We have an IPSec LAN-2-LAN connection between two VPN 3005 concentrators, with two private subnets behind them.

How must I configure filters/rules to permit access to one host and one port (e.g. 192.168.10.10, SSH) on a subnet?

Thanks a lot

Enrico Siefert, Germany

3 Replies

patrick.cannon
Level 1

Specify that one host in your network list.

Drop all protocols other than SSH.

You mean I should only configure a subnet with only one host and protocol and specify this in my LAN-to-LAN connection? No rules or filters? Is this secure?

Thanks

The 3000 concentrator doesn't support the specification of protocols and ports in the network lists, so you'll still need a filter applied to the L2L tunnel which only permits SSH. However, you can just put a single host address in the network list to restrict tunnel access to just that host. There should be no security issues, assuming your filter does what you want.
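The two-layer policy described in this thread, as an added example that is not part of the original posts and is not the concentrator's own logic: a simplified Python model in which the network list selects the single host and a filter with a default drop permits only TCP/22. The wildcard-mask notation, the rule tuple layout and all function names are assumptions made for the illustration; return traffic is not modelled.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit where the wildcard mask is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

# Constructed policy for the host named in the question (assumed layout).
NETWORK_LIST = [("192.168.10.10", "0.0.0.0")]  # wildcard 0.0.0.0 = exactly one host
FILTER_RULES = [
    # (protocol, dst base, dst wildcard, low port, high port, action)
    ("tcp", "192.168.10.10", "0.0.0.0", 22, 22, "forward"),
]
DEFAULT_ACTION = "drop"  # anything no rule matches is dropped

def in_network_list(dst):
    """Layer 1: is the destination covered by the tunnel's network list?"""
    return any(wildcard_match(dst, base, wc) for base, wc in NETWORK_LIST)

def filter_action(proto, dst, dport):
    """Layer 2: first matching rule wins, otherwise the default action."""
    for r_proto, base, wc, lo, hi, action in FILTER_RULES:
        if proto == r_proto and wildcard_match(dst, base, wc) and lo <= dport <= hi:
            return action
    return DEFAULT_ACTION

def tunnel_decision(proto, dst, dport, use_filter=True):
    """Combine both layers; use_filter=False shows the network list on its own."""
    if not in_network_list(dst):
        return "not tunneled"
    if not use_filter:
        return "forward"  # the network list alone cannot restrict ports
    return filter_action(proto, dst, dport)

if __name__ == "__main__":
    flows = [("tcp", "192.168.10.10", 22), ("tcp", "192.168.10.10", 23),
             ("udp", "192.168.10.10", 22), ("tcp", "192.168.10.11", 22)]
    for proto, dst, port in flows:
        print(f"{proto:3} {dst}:{port:<5} list+filter={tunnel_decision(proto, dst, port):12} "
              f"list only={tunnel_decision(proto, dst, port, use_filter=False)}")
```

Running it shows why the filter is still needed: with the network list alone, every port on 192.168.10.10 is reachable through the tunnel.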
