From: sustundag@secura.com.tr
Date: Tue Apr 27 2004 - 10:50:32 GMT-3
Yes you are right
If you ask me I don't prefer WebVPN comparing IPSec connection
And also this solution is limited application support..
Serkan Ustundag
Network and Security Engineer
CCNP,CCDP,CCSE
CCSP (Cisco Certified Security Professional)
Cisco Network Management Specialist
Secura bir TEPUM grup sirketidir
Cisco Systems IP Communications Partner of the Year, 2004, Turkey
Cisco Systems Security Partner of the Year, 2004, Turkey
Cisco Systems AVVID Partner of the Year, 2003, EMEA (Europe, Middle East and
Africa)
Cisco Systems Solution Partner of the Year, 2002, Turkey
Gazeteciler Mahallesi, Haberler Sokak
No:8 34394 Esentepe Istanbul
Direkt : +90 212 3550640
Santral: +90 212 3550600
Faks : +90 212 2757115
www.secura.com.tr <http://www.secura.com.tr/>
www.tepum.com.tr
_____
From: Richard Dumoulin [mailto:richard.dumoulin@vanco.es]
Sent: Tuesday, April 27, 2004 4:29 PM
To: Serkan Ustundag - (G|venlik ve Ag M|hendisi -Tepum Secura);
h-tomikawa@syscomusa.com; istong@stong.org
Cc: raj_ccie@yahoo.com; Gabor.Gyori@lnx.hu; ccielab@groupstudy.com
Subject: RE: SSL VPN's
After quickly reading the introduction, it seems to me that this kind of vpn
is limited. Only ssl enabled servers are accessible from the client side.
Where is the advantage ? Ah yes, that the client only needs a web browser. Is
that really an advantage ? On the other hand you have to have ssl enabled
servers,
--Richard
-----Original Message-----
From: sustundag@secura.com.tr [mailto:sustundag@secura.com.tr]
Sent: martes, 27 de abril de 2004 14:59
To: h-tomikawa@syscomusa.com; istong@stong.org
Cc: raj_ccie@yahoo.com; Gabor.Gyori@lnx.hu; ccielab@groupstudy.com
Subject: RE: SSL VPN's
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_
guide_chapter09186a00801f1dd5.html
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_
guide_chapter09186a00801f1fb6.html
These are all I could find
Serkan Ustundag
Network and Security Engineer
CCNP,CCDP,CCSE
CCSP (Cisco Certified Security Professional)
Cisco Network Management Specialist
Secura bir TEPUM grup sirketidir
-----Original Message-----
From: Tomikawa [mailto:h-tomikawa@syscomusa.com]
Sent: Tuesday, April 27, 2004 3:39 PM
To: istong@stong.org
Cc: Rajagopal S; Gyo~ri Ga'bor; ccielab@groupstudy.com
Subject: Re: SSL VPN's
I am also very interested in this topic.
As matter of fact, there is upcoming project which will required me to install
a concentrator using WebVPN(SSL). But, I could find very little resourses from
CCO.
Does anyone know any URL which explains config example, etc...?
Thanks
istong@stong.org wrote:
>HI Raj,
>
>With the concentrator you can setup rules/policies that will limit what
>your PC can get to. In your case you can have it so the PC can only
>access the one IP on your network.
>
>
>Ian
>http://www.CCIE4u.com
>CCIE Lab and Rack Rentals
>
>
>
>
>>Hello Gabor,
>>
>>Are you refering to the Firewall policy option of a VPN concentrator ?
>>I think this works with VPN clients 3.5 and above. can i block any
>>traffic flowing from my network to the client PC network too in this
>>case ? I want the client PC to access only one
>> IP in my network. I need to block others. is this
>>possible through this ?
>>
>>let me know any URL which can give me this info.
>>
>>regards,
>>raj
>>
>>Gyuri Gabor <Gabor.Gyori@lnx.hu> wrote:
>>If you use VPN concentrator, the VPN client is the best solution. It
>>provides personal firewall itself, rules can be downloaded centrally,
>>block LAN access. The client exists for Windows, Linux, Solaris and
>>more, it is free to use with VPN concentrator.
>>
>>
>>Gabor
>>
>>-----Original Message-----
>>From: Rajagopal S [mailto:raj_ccie@yahoo.com]
>>Sent: Tuesday, April 27, 2004 9:08 AM
>>To: ccielab@groupstudy.com
>>Subject: OT:SSL VPN's
>>
>>
>>Hello group,
>>
>>I have heard a lot on web based SSL clientless VPN's on a cisco VPN
>>concentrator. Has anybody implemented this ? if so please clarify me
>>the following:
>>
>>1) will the end user access the vpn concentrator through
>>SSL first and get an IP address from the local pool in
>>order to access VPN ? or
>>
>>2) will the end user access the servers through SSL ? this doesnt
>>sound meaningful anyway.
>>
>>can anybody suggest me the best way fo securing clients connected on
>>VPN ? Is a personal firewall a good option ?
>>
>>let me know
>>raj
>>
>>
>>---------------------------------
>>Do you Yahoo!?
>>Win a $20,000 Career Makeover at Yahoo! HotJobs
>>
>>__________________________________________________________
>>_____________ Please help support GroupStudy by purchasing your study
>>materials from: http://shop.groupstudy.com
>>
>>Subscription information may be found at:
>>http://www.groupstudy.com/list/CCIELab.html
>>
>>---------------------------------
>>Do you Yahoo!?
>>Win a $20,000 Career Makeover at Yahoo! HotJobs
>>
>>__________________________________________________________
>>_____________ Please help support GroupStudy by purchasing your study
>>materials from: http://shop.groupstudy.com
>>
>>Subscription information may be found at:
>>http://www.groupstudy.com/list/CCIELab.html
>>
>>
>______________________________________________
>
>Check Your Email From Any Where in the World!
>
>http://www.myemail.com
>
>Tell Your Friends about MyEmail.com!
>______________________________________________
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:56 GMT-3