Restrict user to 1 IP (Remote access PPTP)

Answered Question
Jul 9th, 2008
User Badges:

Hi everyone,


I've setup remote access PPTP VPN on a 2801 router (running 12.4 advsecurity).


What I'm trying to do is restrict the VPN user to only one IP in the network. I'm having trouble finding out how to get that configured.


Here's my config:


aaa new-model

!

!

aaa authentication login default local

aaa authentication ppp default local


vpdn enable

!

vpdn-group PPTP

! Default PPTP VPDN group

accept-dialin

protocol pptp

virtual-template 1


!

interface Virtual-Template1

ip unnumbered Serial0/1/0

peer default ip address pool PPTP_Pool

no keepalive

ppp encrypt mppe auto

ppp authentication ms-chap ms-chap-v2

!

!

ip local pool PPTP_Pool 172.16.0.50 172.16.0.60



Connecting to the VPN works just fine. I just need to know how to restrict the user to be able to access one IP in the network.


Thanks in advance!!!!!!

Correct Answer by singhsaju about 8 years 8 months ago

Hi,

You can try using access list and bind it to inside interface (interface connected to your network) on the router as outbound.


HTH

Saju

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
singhsaju Wed, 07/09/2008 - 13:08
User Badges:
  • Silver, 250 points or more

Hi,

You can try using access list and bind it to inside interface (interface connected to your network) on the router as outbound.


HTH

Saju

amiralisetoudeh Wed, 07/09/2008 - 15:24
User Badges:

Many thanks for the reply Saju. I assigned an access list to fa 0/0 and set the direction to 'out'.

It seems like it works... I just thought there might be a VPN related command that would perform the task.

Thanks again!

Actions

This Discussion