RE: [fw-wiz] vpn end-point

From: Mark Gumennik (mgumennik_at_mitre.org)
Date: 03/24/04

Next message: Melson, Paul: "RE: [fw-wiz] IP migration on "hub" VPN terminus [long]"

Previous message: WEXLER, BEN A (SBCSI): "[fw-wiz] Reducing Broadcast Storms"
In reply to: Shimon Silberschlag: "Re: [fw-wiz] vpn end-point"
Next in thread: Robert Perez: "RE: [fw-wiz] vpn end-point"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Shimon Silberschlag'" <shimons@bll.co.il>, <firewall-wizards@honor.icsalabs.com>
Date: Wed, 24 Mar 2004 15:27:27 -0500

In this case you need no firewall:
Just terminate vpn at your last router (closest to the remote site),
restrict all other traffic besides vpn with an ACL (3-5 lines be enough),
and your remote office becomes a part of your internal network. No need for
a separate Internet connectivity etc

-----Original Message-----
From: firewall-wizards-admin@honor.icsalabs.com
[mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Shimon
Silberschlag
Sent: Sunday, March 21, 2004 11:13 AM
To: firewall-wizards@honor.icsalabs.com
Subject: Re: [fw-wiz] vpn end-point

Perhaps I should have been more clear. The suggested routers are Cisco 26xx
for small branches and 37xx for large ones. The routers (if the VPN will
terminate there) will have the crypto acceleration card added. The FW might
be some type of CheckPoint platform.

These connections will only be used for the VPN transport and will not be
used for other activity, such as surfing the Net.

Shimon Silberschlag

+972-3-9351572
+972-51-207130

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Melson, Paul: "RE: [fw-wiz] IP migration on "hub" VPN terminus [long]"

Previous message: WEXLER, BEN A (SBCSI): "[fw-wiz] Reducing Broadcast Storms"
In reply to: Shimon Silberschlag: "Re: [fw-wiz] vpn end-point"
Next in thread: Robert Perez: "RE: [fw-wiz] vpn end-point"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Connecting Remote Sites via VPN
... group as they can be very helpful with VPN issues. ... these up between ISA Server which creates all the rules and RRAS ... >>If you are using a hardware vpn at the remote site I ... >>good results with Netopia routers. ...
(microsoft.public.backoffice.smallbiz2000)
Re: Connecting Remote Sites via VPN
... If you are using a hardware vpn at the remote site I would suggest using the ... good results with Netopia routers. ... > I have SBS 2000 at the main office and Server 2003 at the ...
(microsoft.public.backoffice.smallbiz2000)
Re: Intra-site DNS problems
... Build a VPN between the two ... >> routers, and setup the routing so that everything ... RPCs are not going to translate through the NAT, ...
(microsoft.public.windows.server.dns)
Pattons Low-Cost WAN Router Integrates VPN, QoS and Encryption
... Low-Cost WAN Router integrates VPN, QoS and Strong Encryption. ... Routers with integrated QoS. ... Model 2800 Series provides business-class traffic-prioritization and ...
(comp.dcom.telecom)
Re: Branch Office MVBASE network access
... We use Watchguard routers for VPN between sites, ... Accuterm or the bundled thin client ...
(comp.databases.pick)