GroupStudy.com GroupStudy.com - A virtual community of network engineers
Home BookStore StudyNotes Links Archives StudyRooms HelpWanted Discounts Login
RE: http access restriction to CVPN 3005 posted 12/02/2002
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next] 
Yep, and you need to enable HTTPS administration explicitly on the outside
interface.

-----Original Message-----
From: Ciaron Gogarty [mailto:cgogarty@xxxxxxxxxxx] 
Sent: Tuesday, December 03, 2002 4:28 AM
To: Justin Menga; Peter Wodle; vr2zjw@xxxxxxxxxxx; security@xxxxxxxxxxxxxx
Subject: RE: http access restriction to CVPN 3005


You also need to allow HTTPS in from the internet on the filter on the
public interface.  You will to create two new rules to allow HTTPS in from
your internet host, and HTTPS out to your internet host forward in/out and
add them to your public filter.

-----Original Message-----
From: Justin Menga [mailto:Justin.Menga@xxxxxxxxxxxxxx] 
Sent: 02 December 2002 15:09
To: Peter Wodle; vr2zjw@xxxxxxxxxxx; security@xxxxxxxxxxxxxx
Subject: RE: http access restriction to CVPN 3005

Do this via Administration --> Access Rights --> Access Control List

Regards,
Justin

-----Original Message-----
From: Peter Wodle [mailto:peter_wodle@xxxxxxxxxxx] 
Sent: Thursday, November 28, 2002 10:56 AM
To: vr2zjw@xxxxxxxxxxx; security@xxxxxxxxxxxxxx
Subject: Re: http access restriction to CVPN 3005


no, what i'm after is allowing a single host (legal IP address) on the 
internet to be able to do http to the concentrator but not allow any other 
host/ip.




>From: "Joe Wong" <vr2zjw@xxxxxxxxxxx>
>Reply-To: "Joe Wong" <vr2zjw@xxxxxxxxxxx>
>To: peter_wodle@xxxxxxxxxxx, security@xxxxxxxxxxxxxx
>Subject: Re: http access restriction to CVPN 3005
>Date: Wed, 27 Nov 2002 18:12:47 +0000
>
>Does this link help?
>
>http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/3_6/admin/a
>ccess.htm#xtocid23
>
> >From: "Peter Wodle" >Reply-To: "Peter Wodle" >To:
>security@xxxxxxxxxxxxxx >Subject: http access restriction to CVPN 3005
> >Date: Wed, 27 Nov 2002 13:07:36 -0500 > >How can I have http access
>restriction to CVPN 3005 from only one IP >address (on the Internet)? >
> >I've done it before using the list but can't remember where you
> >>apply
>it. >
>>_________________________________________________________________
> >MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
> >http://join.msn.com/?page=features/virus
>
>-----------------------------------------------------------------------
>-
>
>Tired of spam? Get advanced junk mail protection with MSN 8.


_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* 
http://join.msn.com/?page=features/virus

**********************************************************************
 This email and any files transmitted with it are confidential and  intended
solely for the use of the individual or entity to whom they  are addressed.
If you have received this email in error please notify  the system manager.
 
 This footnote also confirms that this email message has been swept for  the
presence of computer viruses.
 
 For more information contact postmaster@xxxxxxxxxxx
 
 phone + 353 1 4093000
 
 fax + 353 1 4093001
**********************************************************************