HP VPN Server Appliance sa3110/sa3150/sa3400/sa3450 - Virtual Private Networking Concepts Guide
Firewalls and Tunnels
5-14 Hewlett-Packard Company Virtual Private Networking Concepts Guide
through VPN device B, a tunnel is defined for the user to the
black (untrusted) side of the VPN device and a firewall rule is
created to allow the traffic from the black (untrusted) network
to the red (trusted) network. In this case a Client IP is used to
assign the remote user a known IP address on the red (trusted)
network. This address is needed in order to identify the remote
user in the firewall rule.
Tunnel Definition

Parameters                                    VPN Device A    VPN Device B
--------------------------------------------  --------------  --------------
Remote user name                              leslie          No access
Secure profile (must be previously defined)   dialup          Not applicable
Tunnel mode                                   Black           Not applicable
IP route                                      Not required    Not applicable
Client IP                                     10.1.1.193      Not applicable

Firewall Rule

The following table describes the firewall rule.

Parameter Description   Parameter Value    Comments
----------------------  -----------------  ------------------------------------------
From IP address         10.1.1.193         User leslie is being assigned Client IP
                                           10.1.1.193.
From subnet mask        255.255.255.255
From application port   ALL                The application port used to make the
                                           HTTP (www) request is usually unknown.
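
The following is an added example, not part of the HP guide: it evaluates the "From" side of the firewall rule above against the Client IP in the tunnel definition, showing why the 255.255.255.255 mask ties the rule to one remote user and why the From port is ALL. The second user "pat", the wider mask and the fixed port are constructed for illustration, and the dictionary field names are assumptions.

```python
import ipaddress

# Tunnel definition from the page: remote user -> Client IP.
# "pat" is a constructed second user, used to show a too-wide mask.
CLIENT_IPS = {"leslie": "10.1.1.193", "pat": "10.1.1.194"}

# Firewall rule "From" fields as given on the page (key names are assumed).
RULE = {"from_ip": "10.1.1.193", "from_mask": "255.255.255.255", "from_port": "ALL"}


def rule_source(rule):
    """Return the source network that the rule's From IP/mask pair covers."""
    return ipaddress.ip_network(f"{rule['from_ip']}/{rule['from_mask']}", strict=False)


def matches_from(rule, src_ip, src_port):
    """True if a packet's source address and port satisfy the From side."""
    in_net = ipaddress.ip_address(src_ip) in rule_source(rule)
    port_ok = rule["from_port"] == "ALL" or int(rule["from_port"]) == src_port
    return in_net and port_ok


def users_admitted(rule, client_ips):
    """List tunnel users whose Client IP falls inside the rule's source."""
    net = rule_source(rule)
    return sorted(u for u, ip in client_ips.items() if ipaddress.ip_address(ip) in net)


def audit(rule, client_ips):
    """Flag a rule whose source does not identify exactly one tunnel user."""
    net, users = rule_source(rule), users_admitted(rule, client_ips)
    findings = []
    if net.num_addresses != 1:
        findings.append(f"source {net} covers {net.num_addresses} addresses, not one host")
    if len(users) != 1:
        findings.append(f"source matches {len(users)} tunnel users: {users}")
    return findings


if __name__ == "__main__":
    print(audit(RULE, CLIENT_IPS))                    # rule as on the page
    wide = dict(RULE, from_mask="255.255.255.252")    # constructed variant
    print(audit(wide, CLIENT_IPS))
    # Client source ports are ephemeral, so a fixed From port misses traffic.
    fixed = dict(RULE, from_port="80")                # constructed variant
    print(matches_from(RULE, "10.1.1.193", 49152),
          matches_from(fixed, "10.1.1.193", 49152))
```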










