[c-nsp] PPPoE tunnel and Firewall
Mario Spinthiras
spinthiras.mario at gmail.com
Thu Jul 24 20:39:42 EDT 2008
It will not. If you are looking into something along the lines of DPI or
even standard filtering per ip/port it will still work. PPPoE is L2
encapsulation. It will still look for the L3 information inside the frame.
On Thu, Jul 24, 2008 at 11:29 PM, Masood Ahmad Shah <masood at nexlinx.net.pk>
wrote:
> I'm really getting confused while adding firewall for DSL subscribers. I
> want to protect my PPPoE subscriber from malicious traffic. Adding a
> firewall between DSLAMs and BRAS is kinda confused for me. The final
> topology is going to be like
>
>
>
>
>
> CPEß------>DSLAMß-------àFirewallß------BRAS------->Ineternet
>
>
>
> >From CPE to BRAS is PPPoE tunnel. The question " Can firewall protect
> PPPoE
> customers from malicious traffic while sitting in transparent mode in front
> of BRAS". I wonder , firewall will skip the PPPoE tunnels traffic.
>
>
>
> If yes, than how do you guys protect BRAS internal traffic from one
> subscriber to another.
>
>
>
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list