Table of Contents
Advertisement
Establishing security
Figure 60: Policy Manager, Packet Filtering/QoS
Clicking on the Edit or Add buttons launches a Packet Filtering Policy Wizard that guides you
through configuration of the desired packet filtering.
Advanced
The Advanced tab accesses specific types of filters that are activated through checkboxes.
Permit/Deny non-VPN traffic Radio Buttons
The Radio Buttons at the top of the Packet Filter Rule-Advanced screen are set according to
your security policy. They include:
Permit all non-VPN traffic - When checked, all non VPN traffic is allowed to pass through
the VSU.
Deny all IP non-VPN traffic - When checked, all non-IP traffic is prevented from passing
through the VSU. All non-VPN IP traffic is dropped except for the following: ICMP, IGMP,
GGP, EGP, IGP, DGP, EIGRP, and OSPF.
Note:
This mode should be used when the VSU dedicated to VPN traffic and is the only
Note:
device between the private and the public networks.
Deny all non-VPN traffic - When checked, all non-VPN traffic is prevented from passing
through the VSU. This mode blocks non-IP traffic and non-VPN traffic including broadcast
traffic, IP-multicast traffic and other traffic containing routing information.
186 Avaya VPNmanager Configuration Guide Release 3.7
Advertisement
Table of Contents
