Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
228
Views
0
Helpful
1
Replies

restrict access to IKE to specific locations

jonraymond
Level 1
Level 1

‎11-11-2008 09:09 AM - edited ‎03-11-2019 07:11 AM

Hi all,

Is it possible to restrict IP access to a defined list of dynamic VPN users?

We have an external test site and I would like to limit VPN access to defined trusted locations only (ie our office). The users need to use their desktop VPN client in order to replicate the non-test environment so I can't implement a site to site VPN etc. In fact I can't change much at all really with respect to actual implementation :)

I've tried adding a relevant access list to the control plane of the ASA on the outside interface but this doesn't seem to have any effect on IKE.

Many Thanks,

Jon

Labels:
0 Helpful
1 Reply 1

Collin Clark
VIP Alumni
VIP Alumni

‎11-11-2008 02:23 PM

Jon-

I've never actually tried it but it looks like this could help.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/ike.html#wp1052788

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card