Topic: dfl-800 lan to lan VPN block traffic (Read 5576 times)

riccio99 · « **on:** August 02, 2011, 04:16:13 AM »

Hi all, i have a DFL-800 with a lan to lan VPN with a branch office.

Now i want to block the traffic from the branch office to the main office so that they can ping or do nothing on our network but i want the us from the main office can do everything on their network(remote desktop connection,ping and so on...).

I tryed to put an ip rules in this way:
name BLOCK_boffice
action Reject
source interface moff-boff_tunnel (ipsec tunnel)
source network boffLAN (lan of b offcie)
destination lan
interface destination lannet
network services all_services

but it doesn't work they can still ping a see us on network share (\\192.168.....)

Please someone can help me ?

thx you!

danilovav · « **Reply #1 on:** August 02, 2011, 01:45:55 PM »

Just remove/disable rule
Allow moff-boff_tunnel/boffLAN lan/lannet

scrubsguy · « **Reply #2 on:** August 03, 2011, 10:11:38 PM »

did this work?

riccio99 · « **Reply #3 on:** August 04, 2011, 04:51:45 AM »

i'm sorry i was out for work...

yes..it worked...or better it illuminated me... i delete all rules and added only one rule:

ALLOW_ALL Allow lan lannet any all-nets all_services

it permit all traffic from main office over vpn and block all traffic from branch office pver vpn.

it seems to work...

thx a lot for uur help.

scrubsguy · « **Reply #4 on:** August 07, 2011, 11:01:58 PM »

cool

D-Link Forums

News:

Author Topic: dfl-800 lan to lan VPN block traffic (Read 5576 times)

riccio99

dfl-800 lan to lan VPN block traffic

danilovav

Re: dfl-800 lan to lan VPN block traffic

scrubsguy

Re: dfl-800 lan to lan VPN block traffic

riccio99

Re: dfl-800 lan to lan VPN block traffic

scrubsguy

Re: dfl-800 lan to lan VPN block traffic