Print Download Documentation Send Feedback

Previous

Next

VPN Communities - Excluded Services

What can I do here?

Use this window to exclude services from the community. Excluded services are not encrypted and not matched to rules for the VPN community.

Getting Here

Getting Here - SmartConsole > Security Policies > Access Control > Policy > Access Tools > VPN Communities > New Star Community > Excluded Services

Understanding Excluded Services

Services excluded from encryption are required for VPN control connections, such as a connection that installs a security policy. Control connections traversing the gateway on their way from the Security Management server to the remote enforcement point must not be modified (encrypted) by the gateway. Typically, these control connections are handled by implied rules in the security policy.

Although implied rules defined in the Global Properties resolve this issue, you may prefer to disable the implied rules and define special rules for control connections. In this instance, include these services in the list for services in the clear.