01-28-2004 07:42 AM
Hello,
We have an IPSec LAN-2-LAN connection between two VPN concentrators 3005 and two private subnets behind.
How must I configure filters/rules to permit access to one host and one port (e.g. 192.168.10.10 SSH) on a subnet?
Thanks a lot
Enrico Siefert, Germany
01-28-2004 07:14 PM
Specify that one host in your network list.
Drop all protocols other than SSH.
02-02-2004 05:42 AM
You mean I should only configure a subnet with only one host and protocol and specify this in my LAN-2-LAN connection? No rules or filters? Is this secure?
Thanks
02-04-2004 01:38 PM
The 3000 concentrator doesn't support the specification of protocols and ports in the network lists, so you'll still need a filter applied to the L2L tunnel which only permits SSH. However, you can just put a single host address in the network list to restrict tunnel access to just that host. There should be no security issues, assuming your filter does what you want.