Restrict vpn remote access

Unanswered Question
Jan 15th, 2008


I am trying to restrict access to the remote site for a VPN user who uses VPN client software.

- concentrator vpn 3015 release 4.7.2.N-K9

- vpn client release

The VPN connection is OK.

I would like, for example, to block HTTP traffic on the remote site for a group (to block intranet access, for example). One of my colleagues told me that I have to use firewall filters and rules, but I haven't succeeded yet.

My user "bundy" in the group "groutcho"

I've created a filter (in traffic management) which contains two rules (drop HTTP inbound for all addresses, and drop HTTP outbound for all addresses). One rule should be necessary, but I put two to be sure!

I've configured the groutcho group in the "client firewall" tab to require the Cisco integrated firewall and to push my policy (the filter with the two drop rules).

However, the user can still access a web server on the remote site.

I've tried to restrict all access (with two drop-all rules) but it also doesn't work; the user has full access to the remote site.

The only thing I manage to control is to deny the VPN connection when the user doesn't have the right firewall on his computer.

Could you help me configure the concentrator correctly in order to restrict access to the remote site?

Thank you,


piaszczynski Tue, 01/29/2008 - 06:23

Thanks, but in fact I would like the same type of document but for the VPN concentrator 3000 series, which is very different from PIX....


