Hi all,
A have a Checkpoint FW-1 and a VPN concentrator in a new design.
Where is the best place to put the VPN concentrator related to firewall?
a) before the firewall (in the outside network)
b) after the firewall(in the inside network)
c) in parallel with the firewall
d) in a
Inside the firewall. I haven;t worked with the concentrators before, but
have used Cisco rotuer for RAS VPN. All it needs is one interface for this
fucntion, real nice. Putting it behind FW ensures only stateful TCP sessions
are used and protects it from outsiders.
Paulo Roque wrote in message
You may want to consider the concentrator in a dual DMZ scenario. The
benefit of putting it in a dual DMZ scenario is not only can you control the
outside access, you can also control the resources a remote can see in the
inside once a tunnel is established. If you place it behind the firewall,
3 matches
Mail list logo