|
Hi Saul,
Well, it is indeed possible, but, since we're
dealing with a box-to-box VPN, both sides of the security association must be
adjusted in order for it to work. Remember, on site A you specify the
allowable destination networks behind site B, and vice versa. If you want
to restrict VPN access to the network behind site A, adjust the SA on site B by
restricting the destination network IP address specification.
If you make the proper considerations, you could
enable NAT and firewall rules for the SA on site A, then define rules to allow
and deny access as you wish.
Darrell Shandrow - Shandrow
Communications!
Technology consultant/instructor, network/systems administrator! A+, CCNA, Network+! Check out high quality telecommunications services at http://ld.net/?nu7i All the best to coalition forces carrying out Operation Iraqi Freedom!
|
Title: Message
- RE: [SonicWALL]- Cache... John Tolmachoff \(Lists\)
- Re: [SonicWALL]- Cache Full David McRell
- Re: [SonicWALL]- Cache Full Darrell Shandrow
- Re: [SonicWALL]- Cache Full David McRell
- Re: [SonicWALL]- dhcp lease times David McRell
- [SonicWALL]- IP spoof detected Tom Reingold
- Re: [SonicWALL]- IP spoof detected Darrell Shandrow
- Re: [SonicWALL]- IP spoof detec... Tom Reingold
- Re: [SonicWALL]- IP spoof ... Darrell Shandrow
- RE: [SonicWALL]- VPN Between 2 Sonicwall boxes Saul Gonzalez
- Darrell Shandrow
