12-03-2008 02:18 AM
Hi,
Is possible permit or deny to a VPN client in remote connection basing on source IP address? For example: if VPN Client that have to connect has x.x.x.x I permit the connection, else deny the connection. That is another authentication based on IP source address.
Best regards.
Massimiliano.
12-03-2008 05:04 AM
Hi Massimiliano,
Sure it is possible but you could be faced with a problem, what if the RA vpn user tries to VPNing from a different place like those internet caffes places, or other homes.
Your best bet is to use Digital Certificates to realy enforced a source PC vpn user to RA using authorized PC/Laptop, you would have more control of who vpns in.
You could use ASA as a CA server
or you could use 3rd party for CA
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008092d8f1.shtml
Rgds
Jorge
12-03-2008 05:22 AM
Thank you Jorge for your response.
Best regards.
Massimiliano.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide