
How To Bypass IPSec VPN Traffic

Applicable Version: 10.00 onwards


Scenario
Cyberoam should bypass the IPSec VPN traffic between Site A and Site B, in other words, between
Router A and Firewall B. The network schema is as given below.




Configuration
Cyberoam can bypass IPSec VPN traffic only if UDP ports 500 and 4500 are open from both the WAN
and LAN sides. To open these ports, follow the steps given below. The configuration is done from the
Web Admin Console using the Administrator profile.





Step 1: Create Virtual Host for UDP port 500
Go to Firewall > Virtual Host > Virtual Host and click Add to create a new virtual host with the
parameters given below.



Parameter Description

Parameter                Value               Description
Name                     UDP_Port_500        Name to identify the Virtual Host.
External IP              #PortC 10.10.1.1    External IP address is the IP address through which Internet users access the internal server/host.
Mapped IP                172.16.16.20        Mapped IP address is the IP address of the internal server/host.
Physical Zone            LAN                 LAN, WAN, DMZ, VPN or custom zone of the mapped IP address. For example, if the mapped IP address represents an internal server, this is the zone in which the server physically resides.
Port Forwarding
Enable Port Forwarding   Enabled             Click to enable service port forwarding.
Protocol                 UDP                 Select the protocol, TCP or UDP, that you want the forwarded packets to use.
Port Type                Port                Click to specify whether port mapping should be a single port or a range of ports.
External Port            500                 Specify the public port number for which you want to configure port forwarding.
Mapped Port              500                 Specify the mapped port number on the destination network to which the public port number is mapped.







On clicking OK, you are asked to create Firewall Rules to allow access to the virtual host created.

Step 2: Add Firewall Rule
On clicking OK, the following screen is displayed prompting you to create Firewall Rules.



Enable Add Firewall Rule(s) For Virtual Host and specify the parameters shown on the screen as
required. Click Add Rule(s) to add the firewall rule. This firewall rule forwards all traffic from
port 500 on the WAN side to port 500 on the LAN side.




Step 3: Create Virtual Host for UDP port 4500
Go to Firewall > Virtual Host > Virtual Host and click Add to create a new virtual host with the
parameters given below.



Parameter Description

Parameter                Value               Description
Name                     UDP_Port_4500       Name to identify the Virtual Host.
External IP              #PortC 10.10.1.1    External IP address is the IP address through which Internet users access the internal server/host.
Mapped IP                172.16.16.20        Mapped IP address is the IP address of the internal server/host.
Physical Zone            LAN                 LAN, WAN, DMZ, VPN or custom zone of the mapped IP address. For example, if the mapped IP address represents an internal server, this is the zone in which the server physically resides.
Port Forwarding
Enable Port Forwarding   Enabled             Click to enable service port forwarding.
Protocol                 UDP                 Select the protocol, TCP or UDP, that you want the forwarded packets to use.
Port Type                Port                Click to specify whether port mapping should be a single port or a range of ports.
External Port            4500                Specify the public port number for which you want to configure port forwarding.
Mapped Port              4500                Specify the mapped port number on the destination network to which the public port number is mapped.







On clicking OK, you are asked to create Firewall Rules to allow access to the virtual host created.

Step 4: Add Firewall Rule
On clicking OK, the following screen is displayed prompting you to create Firewall Rules.



Enable Add Firewall Rule(s) For Virtual Host and specify the parameters shown on the screen as
required. Click Add Rule(s) to add the firewall rule. This firewall rule forwards all traffic from
port 4500 on the WAN side to port 4500 on the LAN side.




Note:

Ensure that matching Firewall Rules also exist which forward all traffic from ports 500 and 4500 on
the LAN side to ports 500 and 4500 respectively on the WAN side.
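As an added example (not part of this Cyberoam document), the following Python script models the two virtual hosts and firewall rules created in the steps above and reports which of the four UDP flows needed for the VPN to pass through are still missing, including the reverse LAN-to-WAN rules the Note asks for. The dictionary fields and function names are assumptions made for this illustration, not a Cyberoam API.

```python
# Added example, not Cyberoam's own code: models the virtual hosts and firewall
# rules from this article and reports which of the four UDP flows (ports 500 and
# 4500, in both directions) are not yet allowed. Field names are assumptions.

IKE_PORTS = (500, 4500)  # UDP ports the article says must be open

# Constructed sample: the two virtual hosts created in Steps 1 and 3.
VIRTUAL_HOSTS = [
    {"name": "UDP_Port_500", "external_ip": "10.10.1.1", "mapped_ip": "172.16.16.20",
     "zone": "LAN", "protocol": "UDP", "external_port": 500, "mapped_port": 500},
    {"name": "UDP_Port_4500", "external_ip": "10.10.1.1", "mapped_ip": "172.16.16.20",
     "zone": "LAN", "protocol": "UDP", "external_port": 4500, "mapped_port": 4500},
]

# Constructed sample: only the WAN-to-LAN rules from Steps 2 and 4 exist so far.
FIREWALL_RULES = [
    {"src_zone": "WAN", "dst_zone": "LAN", "protocol": "UDP", "port": 500, "action": "accept"},
    {"src_zone": "WAN", "dst_zone": "LAN", "protocol": "UDP", "port": 4500, "action": "accept"},
]


def required_flows():
    """The four (src_zone, dst_zone, port) tuples the article requires to be open."""
    return [(s, d, p) for p in IKE_PORTS for (s, d) in (("WAN", "LAN"), ("LAN", "WAN"))]


def virtual_host_issues(vhosts):
    """Report virtual-host mistakes that silently break the passthrough."""
    issues, seen = [], set()
    for vh in vhosts:
        if vh["protocol"] != "UDP":
            issues.append(f'{vh["name"]}: protocol must be UDP, not {vh["protocol"]}')
        if vh["external_port"] != vh["mapped_port"]:
            issues.append(f'{vh["name"]}: external and mapped port must both be '
                          f'{vh["external_port"]}')
        seen.add(vh["external_port"])
    for p in IKE_PORTS:
        if p not in seen:
            issues.append(f"no virtual host forwards UDP {p}")
    return issues


def missing_flows(rules):
    """Return the required flows that no accepting UDP rule covers (see the Note)."""
    allowed = {(r["src_zone"], r["dst_zone"], r["port"])
               for r in rules if r["protocol"] == "UDP" and r["action"] == "accept"}
    return [flow for flow in required_flows() if flow not in allowed]
```

With only the Steps 2 and 4 rules present, `missing_flows(FIREWALL_RULES)` reports the two LAN-to-WAN flows that the Note says must also be added.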


Document Version: 1.0 28/06/2012
