Hi, is it possible to allow or limit the VPN clients to a specific protocol like RDP to the allowed network (internal)? Most of the Cisco samples allow the IP protocol in the access-list from the internal network to the IP pool, which is then NATed as nat (0). I have tried to allow only the RDP protocol in this access-list and it's not working.
Hi Rizaldy, unfortunately vpn-filter is not possible in 6.x code; this feature was introduced in code 7.x and above. You would have to upgrade to code 7.x or above.
On the other hand, if you already have a tunnel group for VPN clients and you want to limit that whole tunnel group to only RDP and nothing else, you can still do it with your current code with an ACL: not permit ip, but permit tcp with the TCP port number, source VPN network, destination host. But this strategy will apply to all RA users for that tunnel group, which is not too practical, as opposed to using vpn-filters per user, which allows more control over individual users on the same tunnel group without affecting others.
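The per-user vpn-filter approach mentioned in the reply, sketched for code 7.x or later as an added example that is not part of the original posts. The ACL name, user name, group-policy name, client pool (10.10.10.0/24) and RDP host (192.168.1.10) are all assumed placeholder values.

```cisco
! Added example; every name and address below is an assumed placeholder.
! In an ACL used by vpn-filter, the first address is the remote side
! (the VPN client pool) and the second is the local side (internal host).
access-list RDP-ONLY extended permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.10 eq 3389
! No further entries: the implicit deny at the end of the ACL drops
! every other protocol and destination for sessions using this filter.

! Per-user filter: restricts only this (already defined) local user and
! leaves other users of the same tunnel group untouched.
username jdoe attributes
 vpn-filter value RDP-ONLY

! Alternative: restrict every user who inherits this group policy.
group-policy RA-POLICY internal
group-policy RA-POLICY attributes
 vpn-filter value RDP-ONLY
```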