mansurw02
asked on
PPTP WatchGuard Firebox Restrict Access to IP Range
I have 2 different subnets behind my firebox x5500e, 10.0.0.0/24 and 10.0.3.0/24. Is it possible to restrict VPN clients to only one of the subnets? I am able to connect to my firewall, but once the connection is made, access to everything behind the firewall is possible. I was poking around the settings of the IPSec method and saw that you can configure which networks are accessible. Can this be done with PPTP? How?
Usually you allow connection, and then limit internal subnets from the VPN subnet(s) using appropriate firewall rules. Do you have an existing rule FROM VPN to either 10.0.0.0 or 10.0.3.0? If not, make two rules, one allowing, and one denying.
ASKER
From VPN? Do you mean another PPTP policy with FROM Firebox TO 10.0.0.0? Currently I have 1 PPTP policy, FROM ANY TO FIREBOX.
ASKER CERTIFIED SOLUTION
This solution is only available to members.
Hmmm, I would have liked at least partial credit (assist) for giving you the right answer.
ASKER
Sorry, I am new to Experts Exchange. I simply gave the points to whoever was most helpful. Now I know that I can distribute the credit. Thanks for your help too!
No problems, welcome to EE!
In this case, I believe I answered your question, and then dpk_wal expressed my answer further. Grading probably should have been to give me the credit for the answer, and dpk the assist. If you had asked questions, or indicated that you needed further help, I would have been glad to do that too.
In this case, you felt that dpk_wal was the most helpful to you, and you are the boss!
Thanks,