cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
284
Views
0
Helpful
2
Replies

Restricting Traffic to a web page via WEBVPN

r.gill
Level 1
Level 1

Hi all,

I would very much like your help.

I have setup two features for the customer on an ASA5500 appliance.

1) IPSEC client vpn access for home/remote users to access the LAN. This works fine.

2) WEBVPN for specific users who need to access a particular application on the LAN remotely via a HTTPS page.

Now, 1) works perfectly so this can be ignored. However, the customer suggested as one of their requirements that they would like only 2 srouce ip addresses to be allowed to access the https site remotely. I have raised a tac case with cisco who said that this cannot be done. I thought this might be as simple as using an ACL to permit only certain IP's to the site but have not been successful in gettng this to work. I was wondering if anyone had any other revelations. The config is ATTACHED.

Thanks and regards,

Randeep CCSP

2 Replies 2

srue
Level 7
Level 7

why don't you restrict access by usernames/groups instead of IP's?

TAC is right, btw, what your customer wants cannot be done with IP restriction.

Hmm you are right. I just tried it in the lab. Used ACL's, Web-type ACL's - applied these as filters to the group and no luck.

Cisco Tac say its a bug that has now been pushed to the design team with my case attached!! something to note i guess!

Thank u so much for your help.

Regards

Randeep.

ps. will use user / group restriction instead! :o)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: