ASA Blocking certain access

Unanswered Question
Aug 26th, 2008

I have a few 5505s running L2L to a 5520. At all of the locations where i have 5505s there is just one PC. I have disabled DHCP, static IP on the PC, and disabled unused ports. This is to prevent people from bringing laptops from home. Well there is a company that needs someone to access the internet to update their software. Is there any kind of Mac address filters in an ASA? I want to block everything except a few MAC's. Of course i don't want that person to access the L2L.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Tue, 08/26/2008 - 05:11

mac ACL support in ASA in transperante mode, however transperant mode dose not support VPN

but if u can give that client a static IP u can exclude his IP from the vpn ACL that match the interesting traffic to be sent through the L2L tunnel

or allaw only some IPs to be included in the VPN ACL and any thing not included will not bring up the VPN tunnel

good luck

if helpful Rate

cowetacoit Tue, 08/26/2008 - 05:41

I have thought about that already and it isn't an option because the user would have to enter the IP each time they need to use the connection. I think i'll just tell them to buy a wireless air card from the cell


This Discussion