Solved: Assign ACLs to VPN clients

dpatkins · ‎01-28-2008

We have a customer who VPN's to a Pix 515. I inserted the same-security-traffic permit intra-interface configuration on the pix so that personnel who utilize teh VPN would be able to access one specific resource on the public side. What I would like to do is continue to use the same-security-traffic permit intra-interface command, but limit access to other resources to the VPN client. Can I assign an access list to the VPN client that would permit 10.10.10.10 to any and then deny all other connections? Where do I insert this in the VPN structure?

Thank you

ajagadee · ‎01-28-2008

Yes.

Regards,

Arul

** Please rate all helpful posts **

View solution in original post

ajagadee · ‎01-28-2008

You should be able to accomplish this using "vpn-filter value". Please refer the below URL for details.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080641a52.shtml

Regards,

Arul

** Please rate all helpful posts **

dpatkins · ‎01-28-2008

Arul,

Is the VPNfilter a CLI command as well?

I do not have ASDM loaded.

Thanks

Dwane

ajagadee · ‎01-28-2008

Yes.

Regards,

Arul

** Please rate all helpful posts **