vpn on public wifi


I have a user that travels frequently. I want to setup policies so that the user will connect to IKE VPN whenever they use public wifi. This user does not need to access internal resources. What policies I need to create so that he/she able to browse securely on a public wifi but blocking them from accessing internal resources.



  • Options

    From: VPN User ID To: Any-external
    Consider using an Any packet filter for this policy. This will allow ping (ICMP), as well as TCP & UDP packet types.

  • Options

    Thank you Bruce, what about DNS, does it go from internal DNS or I can assign an external DNS for the user.

  • Options

    In Mobile VPN with IPSec, you can specify the DNS server IP addr to be used.
    Your choice. But since you don't wan the user to have any internal access, then it should be an external one.

  • Options

    Thank you Bruce. Have a great day!

Sign In to comment.