[fw-wiz] VPN concentrators

From: scouser@paradise.net.nz
Date: 08/26/02 

To: firewall-wizards@honor.icsalabs.com
From: scouser@paradise.net.nz
Date: Mon Aug 26 07:41:18 2002

Off topic slightly, sorry.

Current best thinking is to terminate VPN tunnels inside an external firewall on
a DMZ, then traffic can be passed back through this or another firewall before
entering the internal network.

Complexity can lead to vulnerabilities, so what are peoples thoughts on
termination of vpn tunnels on the firewall itself? What are the pros and cons
as you see them?

thanks in advance
James

Relevant Pages

  • Re: Adding a 3rd NIC to an SBS2003 Premium server.
    ... I currently run our SBS server with two NIC's behind a perimeter hardware ... the firewall routers. ... those vpn tunnels terminate outside of the SBS ...
    (microsoft.public.windows.server.sbs)
  • Re: Is it possible to "route" from VPN to VLAN
    ... :On a firewall in a hosting environment: ... :customer, and have the trafik 'routed' into the customers VLAN on a switch? ... PIX 7.0 software and the Unrestricted license, and the Cisco PIX 535 ... into account the number of VPN tunnels you requested. ...
    (comp.security.firewalls)
  • Re: firewall recommendation
    ... If you need a very simple firewall and have no experience: ... If you need to create VPN tunnels: Cisco 1700 series with VPN (IOS ... You will need a Cisco person to install this. ... If you want a middle of the road, ISA Server 2004. ...
    (microsoft.public.exchange.admin)
  • CSPM bringing down tunnels during update
    ... We have a large amount of firewalls being managed by Cisco CSPM version ... VPN tunnels. ... Sometimes when we make some changes on CSPM and approve any firewall & ...
    (comp.dcom.sys.cisco)
  • Re: Hardware firewall and DMZ machine - put what services where?
    ... Separate every service you want to provide to the outside world from the ... firewall - really. ... Set that up (it supports a DMZ, and VPN tunnels, and lots more) and ...
    (comp.os.linux.security)