[ previous ] [ next ] [ threads ]
 
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Is it possible to firewall an IPSEC tunnel in m0n0 ?
 Date:  Mon, 27 Feb 2006 18:28:27 -0500
Outbound, yes.  Inbound, no.

i.e. you have site A and site B connected via VPN.  You control site
A, but not site B.  In that situation, you can filter what you let out
to site B via VPN through LAN rules, but you cannot filter anything
coming into you since you don't control site B.  If you control both
sites, you just have to put in the appropriate rules on both LAN
interfaces.

-Chris