Solved

VPN COncentrator 3030 FIrewalling feature

Posted on 2004-10-03
2
261 Views
Last Modified: 2013-11-16
HI,

I have a network where my clients access their VLANs through VPN. It works as follows, a client has a group name configured in the concentrator and he also has  his own VLAN with 1 or 2 machines connected to it. So he establish a VPN Tunnel that gets terminated on the concentrator.

Now the issue is, I want each client to access his VLAN only, I know its better to controll such connection on the concentrator itself.

How can I do that?.....please advice as urgent as possible, the deadline is very close to solve this issue.

Thanks
0
Comment
Question by:mayed81
2 Comments
 
LVL 10

Accepted Solution

by:
ngravatt earned 500 total points
ID: 12218165
cant you set each group to use different IP address pools?  You can assign each group a different IP address pool, and then, on your routers set ACLs that will not allow one VLAN to communticate with another.  
0
 

Author Comment

by:mayed81
ID: 12223720
thanks ngravatt, but i was wondering how can this be done on the VPN concentrator level and not on the switch /router level which is below the concentrator....

I know there is a feature called CPP "Centralized Policy Protection....but im not sure how to apply it on my concentrator ....

Im using VPN concentrator 3030 (cisco) and  the version im running is 4.0.4 A


Thanks
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now