HP Sa3110 - VPN Server Appliance Manual page 70

Firewalls and Tunnels
Firewall Rule Firewall Rule
Firewall Rule Firewall Rule
5-14
through VPN device B, a tunnel is defined for the user to the
black (untrusted) side of the VPN device and a firewall rule is
created to allow the traffic from the black (untrusted) network
to the red (trusted) network. In this case a Client IP is used to
assign the remote user a known IP address on the red (trusted)
network. This address is needed in order to identify the remote
user in the firewall rule.
Tunnel Definition Tunnel Definition Tunnel Definition Tunnel Definition
Parameters Parameters Parameters Parameters
Remote user name
Secure profile (must
be previously
defined)
Tunnel mode
IP route
Client IP
The following table describes the firewall rule.
Parameter Parameter Parameter Parameter
Description Description Description Description
From IP address
From subnet mask
From application
port
Hewlett-Packard Company Virtual Private Networking Concepts Guide
VPN Device A VPN Device A VPN Device A VPN Device A
leslie
dialup
Black
Not required
10.1.1.193
Parameter Value Parameter Value Parameter Value Parameter Value
10.1.1.193
255.255.255.255
ALL
VPN Device B VPN Device B VPN Device B VPN Device B
No access
Not applicable
Not applicable
Not applicable
Not applicable
Comments Comments Comments Comments
User leslie is being
assigned Client IP
10.1.1.193.
The application port
used to make the
HTTP (www)
request is usually
unknown.