NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Where to place a VPN gateway



Title: [FW1+vpn] VPN with pix and firewall-1
We wanted to put the VPN gateway inside the firewall dmz so that we can protect the vpn box from getting hacked. This way we can control what kind of traffic comes at the VPN gateway from the internet. Since the only traffic coming out of the VPN gateway into the internal network is going to be ipsec I should not have to worry too much and can directly connect the internal interface of vpn box to the internal network.
 
What do you think?
[Siddiqui, Kamran] 
 
 
 -----Original Message-----
From: Glover, Duke [mailto:[email protected]]
Sent: Thursday, October 19, 2000 12:38 PM
To: [email protected]; [email protected]
Subject: RE: [FW1] Where to place a VPN gateway

You should attach the VPN box outside of the FW or on another FW interface.  At least that way you could control what type of traffic, and what destination, the VPN box allowed into your network.  If you attach the VPN box directly to your internal Net you lose all control of the traffic.
 
HTH,

Duke Glover
desk =
page =
[email protected]
Verizon / Enterprise Information Protection Services

 
-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Wednesday, October 18, 2000 10:24 AM
To: [email protected]
Subject: [FW1] Where to place a VPN gateway

Hi All,
 
Our company has decided to use the Nortell VPN gateway 4500 box. Our VPN group wants to put it outside of the firewall on the Internat and directly connect the other interface into the local network. Our VPN group has been told that the Nortel box is very secure!
 
We would like to secure the vpn box and have the connection go through the firewall. What is the best place to put a vnp gateway?
 
 
Here is the present scenario
 
Internet  -----------------------------------------> FW ------------------------------------------------> Local Net
|                                                                                                            ^
|                                                                                                            |
|                                                                                                            |
|-------------------------------------------> VPN Gateway -------------------------------------   |
 
 
Kamran


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.