Configuring ACL & proxies entries for VPN connections
Configuring Sidewinder for Soft-PK Clients
3-3
Configuring ACL &
proxies entries for
VPN connections
Depending on where you decide to terminate your VPN tunnel, you
must ensure that you have the appropriate ACL entries set up to allow
ISAKMP traffic and allow/deny the appropriate proxy traffic. At a
minimum, you must define and enable an ACL entry that allows
ISAKMP traffic from the Internet to the external IP address of
Sidewinder.
1.
Define (or ensure you have) an ACL entry that allows external-to-
external ISAKMP traffic. Select
Policy Configuration -> Access Control List
.
Check for these attributes:
Agent = Server
Service = ISAKMP
Action = Allow
Enabled = Enable
Source burb = Internet (all source addresses, *)
Destination burb = Internet burb (external IP of Sidewinder)
Note 1:
Ensure you have defined appropriate network objects/groups. To view the
current network object configuration, select
Shortcut to Network Objects
from the
Source/Destination tab.
Note 2:
For details about configuring and managing network objects, see Chapter 4
in the Sidewinder Administration Guide.
2.
[Configuration dependent]
Define (or ensure you have) ACL entries that
allow access to and from any virtual burbs you may have. The virtual
burb should be specified as either the source or destination burb,
depending on the type of ACL entry being defined.
Note:
For details about configuring and managing ACL entries, see Chapter 4 in the
Sidewinder Administration Guide.
3.
[Configuration dependent]
Enable the desired proxies in the
appropriate virtual burb(s). Select
Services Configuration -> Proxies
.
Содержание ADMINGUIDEREVA
Страница 1: ...VPN Administration Guide Revision A SafeNet Soft PK Version 5 1 3 Build 4 Sidewinder Version 5 1 0 02 ...
Страница 2: ......
Страница 50: ...Configuring the VPN on the Sidewinder 3 20 Configuring Sidewinder for Soft PK Clients ...
Страница 68: ...Configuring a security policy on the Soft PK 4 18 Installing and Working with Soft PK ...
Страница 79: ......