VPN client access to Cisco ASA help

Unanswered Question
Jan 21st, 2009
User Badges:


I have users happily connecting to my Cisco ASA via the Cisco VPN client. Now I need to get a contractor to VPN in and I want to create a separate profile for them and only allow then to a certain sunbnet, is this possible?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kwillacey Wed, 01/21/2009 - 09:22
User Badges:
  • Bronze, 100 points or more

I don't understand why get a concentrator if you already have an ASA?

LOL I'm blind it's contractor!!! Sorry.

Different group-policy with vpn filter should do the trick.

pstebner10 Wed, 01/21/2009 - 09:22
User Badges:

I would setup a new tunnel-group that assigns this user an IP address from a different DHCP range than the rest of your VPN users, and this is also where you will define the authentication parameters. Then just use an ACL to restrict access to whatever he needs. You could actually use the same group-policy for both groups.

I can post a mock-config if you like...



pstebner10 Wed, 01/21/2009 - 09:23
User Badges:

Kwillacey - I almost made the same mistake! Contractor - not concentrator!


This Discussion