SA540 - Limit user to specific IP address?

Unanswered Question
May 10th, 2010

Is it possible to limit the IP address that a specified user can connect to?  The scenario is that we want to allow particular users to be able to connect to our VPN and then use RDP to login to a demo server and play with it.  We do not want those users to be able to RDP into any other system on our network.  Is this possible with this unit?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hyeh Mon, 05/10/2010 - 13:23

Hi,

You can try to use SSL VPN,

and create a SSL VPN Policy to limit the user to certain network resources.

Thanks

Henry

KOMNetworks Mon, 05/10/2010 - 13:28

So it is possible?  Are you sure or is this a guess?  I took a look through the various pages of config, users, VPN policies etc and it didn't jump out at me.  If a kind soul oculd point me in the right direction, FAQ, whatever, I would really appreciate it.

hyeh Mon, 05/10/2010 - 14:05

Hi,

You can specify a network resource that can be used by your customer

by Clicking VPN on the menu bar, and then click SSL VPN Server > Resources in the
navigation tree.

After that you can create SSL VPN Policies to limit your customer to the network
resource you specified in the previous step

You can find all the detail in the "Creating the SSL VPN Policies" and

"Specifying the Network Resources for SSL VPN" sections of the SA500 Administration Guide

http://www.cisco.com/en/US/products/ps9932/prod_maintenance_guides_list.html

Thanks

Henry

KOMNetworks Tue, 05/11/2010 - 08:38

Thanks for the push in the right direction.  I think I've got it now and I just need to do a bit of testing to confirm.

Thanks again.

Actions

This Discussion

Related Content