Firewall Wizards mailing list archives

RE: vpn end-point

From: "Mark Gumennik" <mgumennik () mitre org>
Date: Wed, 24 Mar 2004 15:27:27 -0500

In this case you need no firewall:
Just terminate vpn at your last router (closest to the remote site),
restrict all other traffic besides vpn with an ACL (3-5 lines be enough),
and your remote office becomes a part of your internal network. No need for
a separate Internet connectivity etc

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Shimon
Silberschlag
Sent: Sunday, March 21, 2004 11:13 AM
To: firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] vpn end-point


Perhaps I should have been more clear. The suggested routers are Cisco 26xx
for small branches and 37xx for large ones. The routers (if the VPN will
terminate there) will have the crypto acceleration card added. The FW might
be some type of CheckPoint platform.

These connections will only be used for the VPN transport and will not be
used for other activity, such as surfing the Net.


Shimon Silberschlag

+972-3-9351572
+972-51-207130


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

RE: vpn end-point Claussen, Ken (Mar 18)
- RE: vpn end-point paul (Mar 18)
  - RE: vpn end-point Dave Piscitello (Mar 19)
    - RE: vpn end-point Frederick M Avolio (Mar 19)
    - RE: vpn end-point Dave Piscitello (Mar 19)
    - Re: vpn end-point Shimon Silberschlag (Mar 22)
    - RE: vpn end-point Mark Gumennik (Mar 27)
- <Possible follow-ups>
- RE: vpn end-point Robert Perez (Mar 18)
- RE: vpn end-point Sloane, David (Mar 18)
- RE: vpn end-point Dean Davis (Mar 18)