Table of Contents
Advertisement
"hoW to" for eAch feAture
c. other iPsec vPn settings
1. dns/Wins
the dns/Wins configuration page allows customers who have internal
servers within the corporate network which need to be assigned to the
iPsec vPn user so they can resolve private host or device names.
STEpS:
1. c lick Split tunneling tab – as shown above.
2. s elect Enable Split Tunneling.
3. s elect Select the Split tunneling aCL.
4. c lick Create a new rule (aCL) and select...
29
STEpS:
1. c lick DNS/WINS tab.
2. s elect Configure DNS Servers and fill in the required fields.
3. c heck Configure WINS Servers and fill in
the required fields.
2. split tunneling
split tunneling allows administrators to configure the
router to allow remote users (cisco vPn clients) to have
secure access to the company network while at the same
time allowing unsecure access to the internet.
split tunneling can pose a security risk when configured.
since vPn clients have unsecured access to the internet,
they can be compromised by an attacker. that attacker is
then able to access the corporate lAn via the iPsec tunnel.
it is advised administrators do not enable split tunneling.
5. Name/Number – provide a meaningful name of the Acl
(no spaces).
6. Description – provide a meaningful description.
7. c lick add.
In the action dropdown box:
8. c lick Select an action and select protect the traffic.
In the Source Host/Network section:
9. Type – select a Network
10. Ip address and Wildcard Mask – this is the source subnet.
typically it is your lAn subnet.
In the Destination Host/Network section:
11. Type – select a Network
12. I p address and Wildcard Mask – this is the destination
subnet. this is your pool of iP addresses create in section
11(b) step 20 – Pool information: – range of iP addresses
that can be allocated to iPsec vPn clients. this address
Must be unique.
15. c lick Next.
13. c lick Yes.
14. c lick Next.
16. c lick Finish.
30
Advertisement
Table of Contents
