IOS Easy VPN Vendor Access Config Assistance

Unanswered Question
May 16th, 2007

I have a customer with an existing configuration (below) that?s looking to allow vendor access to their network however they would like to restrict access to only 2 internal servers, denying access to everything else. I?m not a VPN guy so I'm looking for some guidance on how I might accomplish this. Thanks in advanced

Snipped config below

c2800nm-advipservicesk9-mz.124-13b.bin

aaa authentication login default local

aaa authentication login XAuth local

aaa authorization network userauthen local

crypto isakmp policy 5

hash md5

authentication pre-share

!

crypto isakmp policy 10

hash md5

authentication pre-share

group 2

crypto isakmp client configuration group name

key key

dns 10.10.1.200 10.10.3.200

domain medonline.com

pool ourpool

acl split-tunnel

netmask 255.255.255.0

crypto dynamic-map dynmap 10

set transform-set trans1

reverse-route

crypto map VPNTunnel client authentication list Xauth

crypto map VPNTunnel isakmp authorization list userauthen

crypto map VPNTunnel client configuration address initiate

crypto map VPNTunnel client configuration address respond

crypto map VPNTunnel 10 ipsec-isakmp

crypto map VPNTunnel 10 ipsec-isakmp dynamic dynmap

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion