05-27-2008 01:59 AM - edited 02-21-2020 03:44 PM
Hello,
Everything is in the title...
Is it possible to filter/control the internal access of VPN clients that connect to the PIX running PIX v6?
How to?
regards,
05-27-2008 06:02 AM
I stand corrected - but this functionality is only available in vers 7.x/8.x only.
HTH.
05-27-2008 06:17 AM
I've read that the "no sysopt connection permit ipsec" + ACL can filter access....
It is not very clear, some people say that works, some not....
05-27-2008 06:22 AM
Yes that is possible - however in my opionion very messy, and not what those commands were primary designed for - just my two pence worth.
They are a work-around, that is why in vers 7x onwards there are proper configuration commands on filtering user VPN traffic.
05-28-2008 10:35 AM
If you have a RADIUS server, you can dynamically issue an ACL to a client upon connection. We've been doing this fine for quite a while.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: