Advanced, Permit/deny non-vpn traffic radio buttons – Avaya 3.7 User Manual

Establishing security

186 Avaya VPNmanager Configuration Guide Release 3.7

Figure 60: Policy Manager, Packet Filtering/QoS

Clicking on the Edit or Add buttons launches a Packet Filtering Policy Wizard that guides you
through configuration of the desired packet filtering.

Advanced

The Advanced tab accesses specific types of filters that are activated through checkboxes.

Permit/Deny non-VPN traffic Radio Buttons

The Radio Buttons at the top of the Packet Filter Rule-Advanced screen are set according to
your security policy. They include:

●

Permit all non-VPN traffic - When checked, all non VPN traffic is allowed to pass through
the VSU.

●

Deny all IP non-VPN traffic - When checked, all non-IP traffic is prevented from passing
through the VSU. All non-VPN IP traffic is dropped except for the following: ICMP, IGMP,
GGP, EGP, IGP, DGP, EIGRP, and OSPF.

Note:

Note:

This mode should be used when the VSU dedicated to VPN traffic and is the only
device between the private and the public networks.

●

Deny all non-VPN traffic - When checked, all non-VPN traffic is prevented from passing
through the VSU. This mode blocks non-IP traffic and non-VPN traffic including broadcast
traffic, IP-multicast traffic and other traffic containing routing information.