Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
313
Views
4
Helpful
2
Replies

VPN Client

massimiliano.serafino
Level 4
Level 4

‎12-03-2008 02:18 AM

Hi,

Is possible permit or deny to a VPN client in remote connection basing on source IP address? For example: if VPN Client that have to connect has x.x.x.x I permit the connection, else deny the connection. That is another authentication based on IP source address.

Best regards.

Massimiliano.

Labels:
0 Helpful
2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

‎12-03-2008 05:04 AM

Hi Massimiliano,

Sure it is possible but you could be faced with a problem, what if the RA vpn user tries to VPNing from a different place like those internet caffes places, or other homes.

Your best bet is to use Digital Certificates to realy enforced a source PC vpn user to RA using authorized PC/Laptop, you would have more control of who vpns in.

You could use ASA as a CA server

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&topicID=.ee6e1fa&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc21f6e

or you could use 3rd party for CA

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008092d8f1.shtml

Rgds

Jorge

Jorge Rodriguez

massimiliano.serafino
Level 4
Level 4
In response to JORGE RODRIGUEZ

‎12-03-2008 05:22 AM

Thank you Jorge for your response.

Best regards.

Massimiliano.

0 Helpful
Customers Also Viewed These Support Documents