Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
4
Replies

regulate Vpn clients permission

mcelec
Level 1
Level 1

‎02-20-2008 05:58 PM - edited ‎03-11-2019 05:05 AM

Hi,

I have Pix with some vpn clients configured, it is working fine, but the crypto list permissions has total IP access, I need to implement permissions only to my Server with a specific port, but, if I do that, I lost the vpn clients access.

Please, can somebody help

Martin

Labels:
0 Helpful
4 Replies 4

brettmilborrow
Level 1
Level 1

‎02-29-2008 07:59 AM

Can you post the relevant portions of your config...

0 Helpful

mcelec
Level 1
Level 1
In response to brettmilborrow

‎03-03-2008 11:00 AM

Thanks Brett,

that is my current configuration, thing is, I need to implement two VP-groups, firts one has total access (172.20.1.0), then, I need the second one with limited access(172.25.1.0), I need that pool access the server(192.168.1.1 only with 1433 port.

can you help me please?

Martin

0 Helpful

mcelec
Level 1
Level 1
In response to mcelec

‎03-03-2008 11:15 AM

that is the conf

Preview file
5 KB
0 Helpful

brettmilborrow
Level 1
Level 1
In response to mcelec

‎03-04-2008 05:28 AM

The cisco recommended method to achieve this is to use split tunneling. This method will work, but does introduce the risk of access between a users local (potentially unsafe) network to your LAN whilst connected to the VPN.

You would need to configure your device similarly to this:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card