I have an ASA 5505 (8.2.1) at a remote home. The ASA will connect to the HQ VPN Con 3030. The home office will have an IP phone and the user's laptop. I have successfully setup Easy VPN. I have defined port 6 and 7 to be a part of VLAN 1. VLAN 1 routes across the tunnel to HQ. The other port (1-5) are assigned to another VLAN and route directly to the Internet.
How do I ensure only my company systems (IP phone and laptop) connect to the ASA and the company network?
This is what I have so far
vpnclient server x.x.x.x
vpnclient mode network-extension-mode
vpnclient vpngroup <group name> password ********
vpnclient username <username> password ********
vpnclient mac-exempt 000b.4600.0000 ffff.ff00.0000
I would like to use something like port security (doesn't appear to be an option), 802.1x (doesn't appear to be an option) or xauth (haven't been able to get it to work).