VPN security question?

tmcmillion
Level 1

I am getting ready to roll out a vpn3005 concentrator in my network. I will have both point-to-point VPNs and will also be using the client. For the clients I have a pool on the 3005 that is routable on my LAN. My plan is to authenticate to NDS using ACS. My questions are:

1. Should I put the 3005 in my DMZ or in parallel with my PIX?

2. What is the best way to lock down users once they establish their tunnel?

1 Reply

andifur
Level 1

I would put the 3005 parallel to the PIX.

The best way to lock it down is to create rules, and then assign these rules to filters that get applied to the LAN-TO-LAN or the clients.

Example, to allow port 80 to all intranet sites:

(Name) Intranet
Inbound
Forward
TCP
0.0.0.0 Source
10.0.0.0 Destination
Port 80

Then go and assign Intranet to a Filter, then assign it to the group you want to limit.