Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
554
Views
0
Helpful
1
Replies

Restricting LAN access from the WAN

angel-moon
Level 3
Level 3

‎08-11-2005 06:43 PM - edited ‎03-10-2019 02:15 PM

Hello,

I posted theis in the General Security forum bit got no answers so please pardon the repeat if you subscrib to both

I have a client with a hub and spoke design with the remote offices coming in over a frame relay. All WAN traffic hits a 3640 at the central site before getting LAN access and even for Internet traffic. They want to stop the remote offices from just plugging in a computer and getting network access. They want something more manageable that access lists at each site. Somethig more appropriate would be a device or software that can monitor the inbound traffic on the 3640 and stop it is that particular computer cannot be authenticated. A twist is that they do not want the end -user at the remote sites to have to do anything different to get network access so the first thought that came to mind was MAC address filters but the traffic will be going out over a local router so the MAC address will change. Maybe software tokens or doing this with ACS? Anyone have any idea how we can get this done?

Thanks in advance!

Labels:
0 Helpful
1 Reply 1

didyap
Level 6
Level 6

‎08-17-2005 01:19 PM

Best solution would be to place the 3640 behind a PIX, then place a separate router on the outside.

0 Helpful
Customers Also Viewed These Support Documents