[c-nsp] VPN Concentrator 3005 - block connection from internalclients
Joseph Jackson
JJackson at aninetworks.com
Wed Mar 1 21:50:23 EST 2006
Do the remote sites go out of a differenet internet connection? If so block those addresses. If not then block your internal addresses from connecting to that ip.
-----Original Message-----
From: Bob Fronk [mailto:bobfronk at gmail.com]
Sent: Wed Mar 01 11:05:59 2006
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] VPN Concentrator 3005 - block connection from internalclients
*Sorry if you get this multiple times. For some reason I keep getting
rejected*
We have a Cisco VPN 3005 Concentrator.
Traveling Windows clients use Cisco VPN Software (pointed to a public
Internet IP) to connect from outside sources.
However, when they come to the office, the Concentrator accepts the
connection because the IP is public. This causes several problems because
they are both connected on LAN and VPN.
This does not happen on the internal local subnet that the Concentrator is
on, however, if the client connects to the LAN at one of our remote sites
(connected via MPLS), the Concentrator accepts the connection.
I am not very versed on the VPN Concentrator. How can I tell it not to
accept connections from clients originating from our LAN?
Bob Fronk
bobfronk at gmail.com
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list