701 Views | 0 Helpful | 2 Replies

firewall setup on vpn

tjhacker87
Level 1

I have the RV042 VPN router, which is the main gateway for our internet. Connected to the VPN is one server for a software, and then another computer is connected for a web server software. Well, I need to get these set up like so, but have no clue how to do so:

  • Set up firewall rules that will block all inbound Internet access to the web server except port 443
  • Set up firewall rules that will block all communication between the two internal networks, except ports 7000 and 1702
  • These must be on two different internal networks

2 Replies

Ton V Engelen
Level 3

Hi

I'm not familiar with this type of VPN router and what networks you have running already, so it's a guess, but I'll give it a try.

1. Firewall rule for incoming traffic

You should define 2 rules, one to permit HTTPS to your web server and one to block all other incoming traffic.

(I assume it's a stateful firewall.)

permit tcp any host eq 443

deny ip any any

Apply rules to internet interface for incoming traffic

2. Firewall rules to block traffic between the 2 internal networks (I assume it's TCP traffic)

permit tcp any any eq 7000

permit tcp any any eq 1702

deny ip any any

If all traffic is tunneled here to the other network, there is no problem.

Apply these rules to the network interfaces of the 2 networks

If not all is tunneled, and if the computer in one network should also have access to the web server in the other network, be sure to add a rule for that, and maybe also for administration purposes:

permit tcp any eq 443

permit tcp any eq 22 (or) 3389 (SSH or RDP)

And also be sure to:

allow DNS, TFTP and DHCP traffic if necessary.

You could add this in step 2 by adding a couple more rules:

permit udp any any eq 53

permit udp any any eq 68

permit udp any any eq 69

and add them before the deny ip any any.

I used Cisco-like CLI code in these examples. Like I said, I'm not familiar with this box.
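The two rule sets in the reply above, worked through as an added example that is not part of the original thread and is not Cisco code: a small Python first-match ACL evaluator that checks constructed packets against the inbound (WAN) list and the inter-network list, and a helper that flags rules shadowed by an earlier catch-all, which is what goes wrong if the permits are placed after the deny ip any any. The subnets, the web server address and the sample source addresses are placeholders, since the thread never gives them; only the initiating packet is modelled, as the reply assumes a stateful firewall handles return traffic.

```python
"""Toy first-match ACL evaluator for the two rule sets in the reply above (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Placeholder addressing: the thread never gives the real subnets or hosts.
NET_A = "192.168.10.0/24"      # assumed: network holding the application server
NET_B = "192.168.20.0/24"      # assumed: network holding the web server
WEB_SERVER = "192.168.20.10"   # assumed: web server address (the "host" in the reply)


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp" or "ip" (ip = any protocol)
    src: str                     # CIDR, single host, or "any"
    dst: str                     # CIDR, single host, or "any"
    dport: Optional[int] = None  # destination port; None = any port

    def matches(self, proto: str, src: str, dst: str, dport: int) -> bool:
        if self.proto != "ip" and self.proto != proto:
            return False
        if not _in_net(src, self.src) or not _in_net(dst, self.dst):
            return False
        return self.dport is None or self.dport == dport


def _in_net(addr: str, spec: str) -> bool:
    if spec == "any":
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)


def evaluate(rules, proto: str, src: str, dst: str, dport: int) -> str:
    """First matching rule wins, as in a Cisco ACL; unmatched traffic is denied."""
    for rule in rules:
        if rule.matches(proto, src, dst, dport):
            return rule.action
    return "deny"


# 1. Inbound from the Internet, applied to the WAN interface.
INBOUND = [
    Rule("permit", "tcp", "any", WEB_SERVER, 443),
    Rule("deny", "ip", "any", "any"),
]

# 2. Between the two internal networks; the DNS/DHCP/TFTP permits sit before the deny.
INTERNAL = [
    Rule("permit", "tcp", "any", "any", 7000),
    Rule("permit", "tcp", "any", "any", 1702),
    Rule("permit", "udp", "any", "any", 53),
    Rule("permit", "udp", "any", "any", 68),
    Rule("permit", "udp", "any", "any", 69),
    Rule("deny", "ip", "any", "any"),
]


def _net_covers(outer: str, inner: str) -> bool:
    if outer == "any":
        return True
    if inner == "any":
        return False
    return ipaddress.ip_network(inner, strict=False).subnet_of(
        ipaddress.ip_network(outer, strict=False))


def _covers(a: Rule, b: Rule) -> bool:
    """True if every packet matching rule b would already match rule a."""
    proto_ok = a.proto == "ip" or a.proto == b.proto
    port_ok = a.dport is None or a.dport == b.dport
    return proto_ok and port_ok and _net_covers(a.src, b.src) and _net_covers(a.dst, b.dst)


def shadowed_rules(rules) -> list:
    """Indexes of rules that can never match because an earlier rule covers them."""
    shadowed = []
    for i, later in enumerate(rules):
        if any(_covers(earlier, later) for earlier in rules[:i]):
            shadowed.append(i)
    return shadowed


if __name__ == "__main__":
    # Constructed sample packets (not captured traffic).
    print("inbound 443 ->", evaluate(INBOUND, "tcp", "203.0.113.5", WEB_SERVER, 443))
    print("inbound 22  ->", evaluate(INBOUND, "tcp", "203.0.113.5", WEB_SERVER, 22))
    print("A->B 7000   ->", evaluate(INTERNAL, "tcp", "192.168.10.5", WEB_SERVER, 7000))
    print("A->B 80     ->", evaluate(INTERNAL, "tcp", "192.168.10.5", WEB_SERVER, 80))
    misordered = [INTERNAL[-1]] + INTERNAL[:-1]   # deny placed first
    print("shadowed when deny comes first:", shadowed_rules(misordered))
```

Running the block prints permit for HTTPS to the web server, deny for SSH from the Internet, permit for 7000 between the networks and deny for port 80; moving the deny to the top of the second list shadows all five permits, which is the ordering mistake the reply warns about.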

Well, the VPN has a web GUI interface, but I believe I might be able to accomplish what you're stating here. That's kind of what I had envisioned in my head, but not all the way through. I'm going to try that out and see if it works; I'll update afterwards. Thank you.
