VPN Client and Concentrator 3005: Restricting access to public web sites

Unanswered Question
Jan 31st, 2008


Due to a recent Oracle project we have been requested to allow their developers who access our network through the Cisco VPN Client and a Concentrator 3005 on our end, access to the internet through our connection.

Somehow if they were to fix it on their end it would "Impact all 65,000 Oracle users worldwide".

So anyhow, I think I have the full tunneling working now but would like to lock down their access to the particular websites they need. Could someone guide me through, where in the Concentrator I can do this?

I've tried this:

Configuration -> Policy Management -> Traffic Management -> Network Lists -> Modify:

<ip address of website>/

<other additional ACLs for access to subnets on our network>

However I can still go to places like cnn.com, google.com, etc.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
d-mark Fri, 02/01/2008 - 12:00


on a concentrator 3005 you can apply a filter to each user seperatly under "Configuration | User Management | Users " choose the "General" tab. So you can restrict a user to the 'places' you allow him to go to.

Assuming you do tunnel everything not split tunneling for those users and allow the users 'internet' traffic to go out the public interface.




This Discussion