Security after establishing VPN
Ryan Russell
ryan at SECURITYFOCUS.COM
Tue May 16 13:23:55 EDT 2000
Assuming you're encryption settings are in place:
Source Dest Service Action Log Comment
not localnet mailserver pop3 client-encrypt long
At least, that's what I can recall... I don't run a FW-1 anymore.
(Change of jobs... not FW-1's fault :) )
Ryan
On Tue, 16 May 2000, Michael Louie wrote:
> Only allowing the use of port 110 to an internal mailserver was only an
> example. How would I define this rule?
>
>
> Thanks,
> Mike
>
> On Tue, 16 May 2000, Ryan Russell wrote:
>
> > The question isn't clear... are you asking if you can VPN to only port
> > 110? Yes. You can add a client-encrypt rule to only allow in to port
> > 110. This is for SecuRemote connections, mind you.. though I think the
> > same applies to FW-to-FW rules.
> >
> > Ryan
> >
> > On Mon, 15 May 2000, Michael Louie wrote:
> >
> > > Does Checkpoint version 4 and later have any built in security for restricting
> > > access after a VPN connection is established (port 110 to the mailserver only
> > > for example)? -or am I pretty much forced to purchase an additional firewall?
> > >
> >
> >
> >
>
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list