HP (Hewlett-Packard) MSM7XX Switch User Manual


 
Working with VPNs
Securing service controller communications to remote VPN servers
| Option | Value to set | Notes |
|---|---|---|
| Peer information | User-defined | Set according to VPN server needs. In this example, the VPN server address is 3.1.1.1. |
| Authentication method | User-defined | Set according to VPN server needs. Either the X.509 certificates or the Preshared key must match server configuration. |
| Security policy > Only permit incoming... | Identify the subnet | Identify the local subnet for which you wish to filter traffic, for example, 7.1.1.0. This must match the value defined in the policy on the peer (VPN server). |
| Only permit outgoing... | Identify the remote subnet | Identify the remote subnet for which you wish to filter traffic, for example, 10.0.0.0. This must match the value defined in the policy on the peer (VPN server). |
See the online help for option descriptions.
See also, Keeping user traffic out of the VPN tunnel on page 12-11.
Configure PPTP client for a remote VPN server
Configure the service controller's PPTP client (its VPN client capability) via the VPN >
PPTP client menu.
The PPTP client enables the service controller to create a secure tunnel to any device that
provides a PPTP server. All traffic sent through this tunnel is protected against eavesdropping
by means of encryption.
Note: The PPTP tunnel should not be used to transport user traffic. To prevent user traffic from
entering the tunnel, you must define access list definitions that DENY access to all subnets on
the other side of the tunnel. The tunnel should be used to carry management traffic only
(RADIUS, SNMP, management sessions). See Keeping user traffic out of the VPN tunnel on
page 12-11.
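
The following added example (not taken from the HP manual) is an offline audit for the note above: it reports which parts of the subnets behind the tunnel are not covered by any DENY entry in the user access list. The function names and the plain CIDR representation of the DENY entries are hypothetical and do not model the controller's access list syntax; the /8 mask on 10.0.0.0 is an assumption, since the manual gives no mask.

```python
import ipaddress


def subtract(net, blockers):
    """Return the parts of `net` that no network in `blockers` covers."""
    remaining = [net]
    for b in blockers:
        nxt = []
        for r in remaining:
            if r.version != b.version or not r.overlaps(b):
                nxt.append(r)                       # untouched by this entry
            elif r.subnet_of(b):
                continue                            # fully covered, drop it
            else:
                nxt.extend(r.address_exclude(b))    # b lies inside r: keep the rest
        remaining = nxt
    return sorted(remaining,
                  key=lambda n: (n.version, int(n.network_address), n.prefixlen))


def audit_tunnel_acl(remote_subnets, deny_subnets):
    """Map each remote subnet to the ranges user traffic could still reach.

    An empty list means the DENY entries cover that subnet completely.
    """
    denies = [ipaddress.ip_network(d) for d in deny_subnets]
    return {
        s: [str(gap) for gap in subtract(ipaddress.ip_network(s), denies)]
        for s in remote_subnets
    }


if __name__ == "__main__":
    # Constructed sample: remote subnet from the manual's example, mask assumed.
    remote = ["10.0.0.0/8"]
    # Constructed DENY list that leaves part of the remote subnet open.
    user_acl_denies = ["10.0.0.0/9", "10.128.0.0/10"]
    for subnet, gaps in audit_tunnel_acl(remote, user_acl_denies).items():
        status = "covered" if not gaps else "NOT covered: " + ", ".join(gaps)
        print(f"{subnet}: {status}")
```

A non-empty result means user traffic to those ranges is not denied by the list and could enter the tunnel.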
12-9