Your filters both need to be for the IP address 209.0.156.31, not
199.51.78.96 and 199.51.78.97.
If you think of it as filtering access to the tunnel rather than
filtering access to the destination of the tunnel it's a bit more
intuitive.
-----Original Message-----
From: owner-gb-users_at_gta_dot_com [mailto:owner-gb-users_at_gta_dot_com]On Behalf Of
weston.nicolls_at_eyadc_dot_com
Sent: Wednesday, March 22, 2000 7:01 PM
To: gb-users_at_gta_dot_com
Subject: limiting access to a tunnel
----------------------------------
I need to set up a tunnel to allow a user access to 2 internal machines via
telnet.
I created the Inbound Tunnel and Remote Access rules first for wide open
access but it is not working. I noticed that if I enable the tunnel with the
'accept all filter' option that it does work. But then anyone can telnet. So
is it my remote access rule? [varying the hide option didn't seem to matter]

4 #BV tunnel to kdev1 servers for Telnet
    Accept "EXTERNAL" TCP log
    from "ANY_IP"
    to 199.51.78.96/255.255.255.255 23
5 #BV tunnel to kdev2 server for Telnet
    Accept "EXTERNAL" TCP log
    from "ANY_IP"
    to 199.51.78.97/255.255.255.255 23

INBOUND TUNNELS
Index Protocol From IP Address Port  To IP Address   Port  Options
----- -------- --------------- ----- --------------- ----- -------
1     TCP      209.0.156.31    23    199.51.78.96    23    hide
2     TCP      209.0.156.31    24    199.51.78.97    23    hide

thanks
Weston
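
The reply's point, as an added example that is not part of the original thread and not GTA's code: a simplified model in which the remote access filter is matched against the address the packet arrives on (the tunnel's "From" side) before the tunnel maps it inward. The function names, the source address 192.0.2.10 and the choice to restrict the source are assumptions made here to reflect the stated goal of limiting access to one user.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Filter:
    src: str   # CIDR of permitted sources; "0.0.0.0/0" stands in for "ANY_IP"
    dst: str   # destination address the filter is written for
    port: int

@dataclass(frozen=True)
class Tunnel:
    from_ip: str
    from_port: int
    to_ip: str
    to_port: int

# Inbound tunnels exactly as listed in the message.
TUNNELS = [
    Tunnel("209.0.156.31", 23, "199.51.78.96", 23),
    Tunnel("209.0.156.31", 24, "199.51.78.97", 23),
]

# Filters as posted: written for the tunnels' internal destinations.
POSTED = [
    Filter("0.0.0.0/0", "199.51.78.96", 23),
    Filter("0.0.0.0/0", "199.51.78.97", 23),
]

# Filters per the reply: written for the tunnel address and its two ports.
USER = "192.0.2.10/32"  # constructed placeholder for the one permitted user
CORRECTED = [
    Filter(USER, "209.0.156.31", 23),
    Filter(USER, "209.0.156.31", 24),
]

def route(filters, src, dst, port):
    """Return the internal (ip, port) reached, or None if the packet is dropped."""
    allowed = any(
        ip_address(src) in ip_network(f.src) and dst == f.dst and port == f.port
        for f in filters
    )
    if not allowed:
        return None  # no filter matches the address the packet arrived on
    for t in TUNNELS:
        if (dst, port) == (t.from_ip, t.from_port):
            return (t.to_ip, t.to_port)
    return None  # accepted by a filter, but no tunnel listens there
```

With the posted filters every connection to 209.0.156.31 is dropped, which matches the symptom described; with the corrected ones only the permitted source reaches kdev1 on port 23 and kdev2 on port 24.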