09-18-2003 01:10 AM - edited 02-20-2020 09:22 PM
Hi,
I would like to control what the VPN-users and LAN-to-LAN-profiles are allowed to to.
eg. to block the RPC-port (tcp135) for all traffic coming from any profile
Is this possible?
Regards,
Chris
Solved! Go to Solution.
09-18-2003 05:54 PM
You cna create this filter in one place, and then just apply it to each user group and to each L2L tunnel config.
Go under Config - Policy Mgmt - TRaffic Mgmt - Rules, add a rule that is Inbound, Drop, Protocol = TCP, Source and Dest of Any (leave them as is), TCP DEst Port range of 135 to 135.
Go under config - Policy Mgmt - Traffic Mgmt - Filters, add a filter whose default action is to forward, then add the rule you just created to that filter.
Now you can apply that to all the users by going under the Group and under the General tab and adding th efilter in there. You can also go under the L2L tunnel config and add the filter to the tunnel directly.
Note you'll want to test this first, I haven't done any testing and may have the source/dest or inbound/outbound around the wrong way or something like that.
09-18-2003 05:54 PM
You cna create this filter in one place, and then just apply it to each user group and to each L2L tunnel config.
Go under Config - Policy Mgmt - TRaffic Mgmt - Rules, add a rule that is Inbound, Drop, Protocol = TCP, Source and Dest of Any (leave them as is), TCP DEst Port range of 135 to 135.
Go under config - Policy Mgmt - Traffic Mgmt - Filters, add a filter whose default action is to forward, then add the rule you just created to that filter.
Now you can apply that to all the users by going under the Group and under the General tab and adding th efilter in there. You can also go under the L2L tunnel config and add the filter to the tunnel directly.
Note you'll want to test this first, I haven't done any testing and may have the source/dest or inbound/outbound around the wrong way or something like that.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide