Secure Computing Soft-PK Version 5.1.3 Build 4 Network Router User Manual


 
Configuring ACL and proxy entries for VPN connections
Configuring Sidewinder for Soft-PK Clients 3-3
Depending on where you decide to terminate your VPN tunnel, you
must ensure that you have the appropriate ACL entries set up to allow
ISAKMP traffic and allow/deny the appropriate proxy traffic. At a
minimum, you must define and enable an ACL entry that allows
ISAKMP traffic from the Internet to the external IP address of
Sidewinder.
1. Define (or ensure you have) an ACL entry that allows external-to-external
ISAKMP traffic. Select Policy Configuration -> Access Control List.
Check for these attributes:
   Agent = Server
   Service = ISAKMP
   Action = Allow
   Enabled = Enable
   Source burb = Internet (all source addresses, *)
   Destination burb = Internet burb (external IP of Sidewinder)
Note 1: Ensure you have defined appropriate network objects/groups. To view the
current network object configuration, select Shortcut to Network Objects from the
Source/Destination tab.
Note 2: For details about configuring and managing network objects, see Chapter 4
in the Sidewinder Administration Guide.
2. [Configuration dependent] Define (or ensure you have) ACL entries that
allow access to and from any virtual burbs you may have. The virtual
burb should be specified as either the source or destination burb,
depending on the type of ACL entry being defined.
Note: For details about configuring and managing ACL entries, see Chapter 4 in the
Sidewinder Administration Guide.
3. [Configuration dependent] Enable the desired proxies in the
appropriate virtual burb(s). Select Services Configuration -> Proxies.
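
The attribute check from step 1, as an added example that is not part of the original manual: a short Python audit that reports whether a set of ACL entries contains the minimum ISAKMP entry and, if not, which attribute of each near-miss differs. The dictionary layout, entry names and addresses are assumptions constructed for illustration, not a Sidewinder export format.

```python
# Added example. Field names follow the attributes in step 1; the dict layout,
# entry names and the address 192.0.2.1 are constructed for illustration.
REQUIRED = {
    "agent": "Server",
    "service": "ISAKMP",
    "action": "Allow",
    "enabled": True,
    "source_burb": "Internet",
    "source": "*",
    "dest_burb": "Internet",
}

def audit_isakmp_acl(entries, external_ip):
    """Return (ok, findings): ok is True if an entry matches step 1 exactly."""
    ok, findings = False, []
    for entry in entries:
        if entry.get("service") != "ISAKMP":
            continue  # other services are outside this check
        wanted = dict(REQUIRED, dest=external_ip)
        wrong = sorted(k for k, v in wanted.items() if entry.get(k) != v)
        if wrong:
            findings.append(f"{entry['name']}: differs in {', '.join(wrong)}")
        else:
            ok = True
            findings.append(f"{entry['name']}: matches step 1")
    if not findings:
        findings.append("no ISAKMP entry defined")
    return ok, findings

SAMPLE = [  # constructed entries
    {"name": "isakmp_in", "agent": "Server", "service": "ISAKMP",
     "action": "Allow", "enabled": False, "source_burb": "Internet",
     "source": "*", "dest_burb": "Internet", "dest": "192.0.2.1"},
    {"name": "isakmp_int", "agent": "Server", "service": "ISAKMP",
     "action": "Allow", "enabled": True, "source_burb": "Internet",
     "source": "*", "dest_burb": "Internet", "dest": "10.0.0.1"},
    {"name": "telnet_out", "agent": "Proxy", "service": "telnet",
     "action": "Allow", "enabled": True, "source_burb": "Trusted",
     "source": "*", "dest_burb": "Internet", "dest": "*"},
]

if __name__ == "__main__":
    ok, findings = audit_isakmp_acl(SAMPLE, "192.0.2.1")
    print("OK" if ok else "MISSING", *findings, sep="\n  ")
```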