Avaya 3.7 User Manual
Establishing security
186 Avaya VPNmanager Configuration Guide Release 3.7
Figure 60: Policy Manager, Packet Filtering/QoS
Clicking on the Edit or Add buttons launches a Packet Filtering Policy Wizard that guides you
through configuration of the desired packet filtering.
through configuration of the desired packet filtering.
Advanced
The Advanced tab accesses specific types of filters that are activated through checkboxes.
Permit/Deny non-VPN traffic Radio Buttons
The Radio Buttons at the top of the Packet Filter Rule-Advanced screen are set according to
your security policy. They include:
your security policy. They include:
●
Permit all non-VPN traffic - When checked, all non VPN traffic is allowed to pass through
the VSU.
the VSU.
●
Deny all IP non-VPN traffic - When checked, all non-IP traffic is prevented from passing
through the VSU. All non-VPN IP traffic is dropped except for the following: ICMP, IGMP,
GGP, EGP, IGP, DGP, EIGRP, and OSPF.
through the VSU. All non-VPN IP traffic is dropped except for the following: ICMP, IGMP,
GGP, EGP, IGP, DGP, EIGRP, and OSPF.
Note:
Note:
This mode should be used when the VSU dedicated to VPN traffic and is the only
device between the private and the public networks.
device between the private and the public networks.
●
Deny all non-VPN traffic - When checked, all non-VPN traffic is prevented from passing
through the VSU. This mode blocks non-IP traffic and non-VPN traffic including broadcast
traffic, IP-multicast traffic and other traffic containing routing information.
through the VSU. This mode blocks non-IP traffic and non-VPN traffic including broadcast
traffic, IP-multicast traffic and other traffic containing routing information.