RE: SSL VPN's

From: Richard Dumoulin (richard.dumoulin@vanco.es)
Date: Tue Apr 27 2004 - 10:29:17 GMT-3

• Next message: Jonathan Hays: "RE: Port 0 Filter (Repost)"
• Previous message: Yasser Abdullah : "RE: PPP Callin Option"
• Maybe in reply to: Győri Gábor: "RE: SSL VPN's"
• Next in thread: sustundag@secura.com.tr: "RE: SSL VPN's"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

After quickly reading the introduction, it seems to me that this kind of vpn
is limited. Only ssl enabled servers are accessible from the client side.
Where is the advantage ? Ah yes, that the client only needs a web browser.
Is that really an advantage ? On the other hand you have to have ssl
enabled servers,

--Richard

-----Original Message-----
From: sustundag@secura.com.tr [mailto:sustundag@secura.com.tr]
Sent: martes, 27 de abril de 2004 14:59
To: h-tomikawa@syscomusa.com; istong@stong.org
Cc: raj_ccie@yahoo.com; Gabor.Gyori@lnx.hu; ccielab@groupstudy.com
Subject: RE: SSL VPN's

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration
_guide_chapter09186a00801f1dd5.html

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration
_guide_chapter09186a00801f1fb6.html

These are all I could find

Serkan Ustundag
 
Network and Security Engineer
CCNP,CCDP,CCSE
CCSP (Cisco Certified Security Professional)
Cisco Network Management Specialist
 
sustundag@secura.com.tr
 
Secura bir TEPUM grup sirketidir

-----Original Message-----
From: Tomikawa [mailto:h-tomikawa@syscomusa.com]
Sent: Tuesday, April 27, 2004 3:39 PM
To: istong@stong.org
Cc: Rajagopal S; Gyo~ri Ga'bor; ccielab@groupstudy.com
Subject: Re: SSL VPN's

I am also very interested in this topic.
As matter of fact, there is upcoming project which will required me to
install a concentrator using WebVPN(SSL). But, I could find very little
resourses from CCO.

Does anyone know any URL which explains config example, etc...?

Thanks

istong@stong.org wrote:

>HI Raj,
>
>With the concentrator you can setup rules/policies that will limit what
>your PC can get to. In your case you can have it so the PC can only
>access the one IP on your network.
>
>
>Ian
>http://www.CCIE4u.com
>CCIE Lab and Rack Rentals
>
>
>
>
>>Hello Gabor,
>>
>>Are you refering to the Firewall policy option of a VPN concentrator ?
>>I think this works with VPN clients 3.5 and above. can i block any
>>traffic flowing from my network to the client PC network too in this
>>case ? I want the client PC to access only one
>> IP in my network. I need to block others. is this
>>possible through this ?
>>
>>let me know any URL which can give me this info.
>>
>>regards,
>>raj
>>
>>Gyuri Gabor <Gabor.Gyori@lnx.hu> wrote:
>>If you use VPN concentrator, the VPN client is the best solution. It
>>provides personal firewall itself, rules can be downloaded centrally,
>>block LAN access. The client exists for Windows, Linux, Solaris and
>>more, it is free to use with VPN concentrator.
>>
>>
>>Gabor
>>
>>-----Original Message-----
>>From: Rajagopal S [mailto:raj_ccie@yahoo.com]
>>Sent: Tuesday, April 27, 2004 9:08 AM
>>To: ccielab@groupstudy.com
>>Subject: OT:SSL VPN's
>>
>>
>>Hello group,
>>
>>I have heard a lot on web based SSL clientless VPN's on a cisco VPN
>>concentrator. Has anybody implemented this ? if so please clarify me
>>the following:
>>
>>1) will the end user access the vpn concentrator through
>>SSL first and get an IP address from the local pool in
>>order to access VPN ? or
>>
>>2) will the end user access the servers through SSL ? this doesnt
>>sound meaningful anyway.
>>
>>can anybody suggest me the best way fo securing clients connected on
>>VPN ? Is a personal firewall a good option ?
>>
>>let me know
>>raj
>>
>>
>>---------------------------------
>>Do you Yahoo!?
>>Win a $20,000 Career Makeover at Yahoo! HotJobs
>>
>>__________________________________________________________
>>_____________ Please help support GroupStudy by purchasing your study
>>materials from: http://shop.groupstudy.com
>>
>>Subscription information may be found at:
>>http://www.groupstudy.com/list/CCIELab.html
>>
>>---------------------------------
>>Do you Yahoo!?
>>Win a $20,000 Career Makeover at Yahoo! HotJobs
>>
>>__________________________________________________________
>>_____________ Please help support GroupStudy by purchasing your study
>>materials from: http://shop.groupstudy.com
>>
>>Subscription information may be found at:
>>http://www.groupstudy.com/list/CCIELab.html
>>
>>
>______________________________________________
>
>Check Your Email From Any Where in the World!
>
>http://www.myemail.com
>
>Tell Your Friends about MyEmail.com!
>______________________________________________
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html

• Next message: Jonathan Hays: "RE: Port 0 Filter (Repost)"
• Previous message: Yasser Abdullah : "RE: PPP Callin Option"
• Maybe in reply to: Győri Gábor: "RE: SSL VPN's"
• Next in thread: sustundag@secura.com.tr: "RE: SSL VPN's"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:56 GMT-3