IOS Easy VPN Vendor Access Config Assistance

Unanswered Question
May 16th, 2007
User Badges:

I have a customer with an existing configuration (below) that?s looking to allow vendor access to their network however they would like to restrict access to only 2 internal servers, denying access to everything else. I?m not a VPN guy so I'm looking for some guidance on how I might accomplish this. Thanks in advanced

Snipped config below


aaa authentication login default local

aaa authentication login XAuth local

aaa authorization network userauthen local

crypto isakmp policy 5

hash md5

authentication pre-share


crypto isakmp policy 10

hash md5

authentication pre-share

group 2

crypto isakmp client configuration group name

key key



pool ourpool

acl split-tunnel


crypto dynamic-map dynmap 10

set transform-set trans1


crypto map VPNTunnel client authentication list Xauth

crypto map VPNTunnel isakmp authorization list userauthen

crypto map VPNTunnel client configuration address initiate

crypto map VPNTunnel client configuration address respond

crypto map VPNTunnel 10 ipsec-isakmp

crypto map VPNTunnel 10 ipsec-isakmp dynamic dynmap

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion