Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 396
  • Last Modified:

Sonicwall point to point VPN security

I'm interested in implementing a hosted call center solution and the vendor I like wants me to setup a point to point VPN connection from my location to theirs to make the system work and pass VOIP traffic.  I'm concerned that this will open my network up to them as if I have no firewall at all.  It seems like this would be a big security risk for my network.

Am I wrong on this?  Is there a way to secure the point to point connection and not leave my network totally exposed to someone I don't really know?  Is there a way to set this up securely?

I have a Sonicwall TZ190 with the Enhanced OS.  Thanks!
0
s_sykes
Asked:
s_sykes
  • 3
  • 2
  • 2
2 Solutions
 
Hutch_77Commented:
Yo are correct, but having not used tis particular firewall I cant answer this perfectly for you.  Maybe someone with more sonicwall experience will chime in,
But in a Cisco environment I know you can setup a VPN route to only allow access to certain IP's.  This would Help keep the security you need and keep them off your network.
You can also limit the traffic to say specifically VOIP traffic.. still not 100% secure though.
0
 
s_sykesAuthor Commented:
Limiting it to an IP range would help.  Limiting the ports or types of service would be helpful as well.  I know we need to access some applications on their end, so I guess you could not limit it to just VOIP?
0
 
Hutch_77Commented:
If you need the apps then yeah you may look more toward ports rather than service. Ports being open are just easier to exploit.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
Aaron TomoskyTechnology ConsultantCommented:
The vpn tunnel is it's own area on a sonicwall. So just like there are routes and firewall rules from LAN to wan there are the same from VPN to wan and VPN to LAN. So you can limit what ips an services and everything.
0
 
Hutch_77Commented:
THat is what I thought Aaron, just never really worked with the Sonicwall as a whole.  

So if you can get the exact services they are running like HTTP or HTTPS and then the VOIP you may be able to limit it specifically to the needed services if they can truly give you all that information as some may be some odd app that requires ports rather than a generic service.
0
 
Aaron TomoskyTechnology ConsultantCommented:
Here are some good steps for sonicwall: start by defining adress objects for computers or ip ranges you need to talk with. Then make a service group for that address object. Then add services to the group. Then make a rule to allow from VPN to address object using the service group. That way you can just add and remove services from the group and the rule automatically adjusts.
0
 
s_sykesAuthor Commented:
Thanks!
0

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now