12-03-2008 02:18 AM
Hi,
Is possible permit or deny to a VPN client in remote connection basing on source IP address? For example: if VPN Client that have to connect has x.x.x.x I permit the connection, else deny the connection. That is another authentication based on IP source address.
Best regards.
Massimiliano.
12-03-2008 05:04 AM
Hi Massimiliano,
Sure it is possible but you could be faced with a problem, what if the RA vpn user tries to VPNing from a different place like those internet caffes places, or other homes.
Your best bet is to use Digital Certificates to realy enforced a source PC vpn user to RA using authorized PC/Laptop, you would have more control of who vpns in.
You could use ASA as a CA server
or you could use 3rd party for CA
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008092d8f1.shtml
Rgds
Jorge
12-03-2008 05:22 AM
Thank you Jorge for your response.
Best regards.
Massimiliano.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: