User`s guide
Chapter 3 Tutorials: 3G Modem Setup & VPN Wizard
LAN-Cell 2 User’s Guide
66
3.3 Security Settings for VPN Traffic
The LAN-Cell can apply the firewall and content filtering to the traffic going to or from the
LAN-Cell’s VPN tunnels. The LAN-Cell applies the security settings to the traffic before
encrypting VPN traffic that it sends out or after decrypting received VPN traffic.
" The security settings apply to VPN traffic going to or from the LAN-Cell’s VPN
tunnels. They do not apply to other VPN traffic for which the LAN-Cell is not
one of the gateways (VPN pass-through traffic).
You can apply firewall security to VPN traffic based on its direction of travel. The following
examples show how you do this for the firewall.
3.3.1 Firewall Rule for VPN Example
The firewall provides even more fine-tuned control for VPN tunnels. You can configure
default and custom firewall rules for VPN packets.
Take the following example. You have a LAN FTP server with IP address 192.168.1.4 behind
device A. You could configure a VPN rule to allow the network behind device B to access
your LAN FTP server through a VPN tunnel. Now, if you don’t want other services like chat
or e-mail going to the FTP server, you can configure firewall rules that allow only FTP traffic
to come from VPN tunnels to the FTP server. Furthermore, you can configure the firewall rule
so that only the network behind device B can access the FTP server through a VPN tunnel (not
other remote networks that have VPN tunnels with the LAN-Cell).
Figure 31 Firewall Rule for VPN
3.3.2 Configuring the VPN Rule
This section shows how to configure a VPN rule on device A to let the network behind B
access the FTP server. You would also have to configure a corresponding rule on device B.