sa3450 - Virtual Private Networking Concepts Guide

Single-User Tunnels

Hewlett-Packard Company Virtual Private Networking Concepts Guide

5-13

In the previous table, user chris is given complete access to the

trusted network.

Limited Access

Limited AccessLimited Access

Limited Access The following figure shows how to use a combination of a tunnel

and a firewall rule to give a remote user limited access to the

trusted network.

Figure: Source Address Change

Figure: Source Address ChangeFigure: Source Address Change

Figure: Source Address Change

For example, to allow a remote user (called leslie) access to the

Web server available through VPN device A while not allowing

access to the rest of that network or to the network available

Tunnel Definition

Tunnel Definition Tunnel Definition

Tunnel Definition

Parameters

ParametersParameters

Parameters

VPN Device A

VPN Device AVPN Device A

VPN Device A HP VPN Client

HP VPN ClientHP VPN Client

HP VPN Client

Remote user name chris (the VPN’s name)

Secure profile (must

be previously

defined)

dial-up Accept peer

proposal or same

parameters as dial-

up profile

Tunnel mode Red Not applicable

IP route Not required Not applicable

Client IP 0.0.0.0 (not

required)

Not applicable

Firewall rule allows traffic

through to the Red

Tunnel terminates

on the Black

NAT

Source address changed

to Client IP