SA540 - Limit user to specific IP address?

Unanswered Question
May 10th, 2010
User Badges:

Is it possible to limit the IP address that a specified user can connect to?  The scenario is that we want to allow particular users to be able to connect to our VPN and then use RDP to login to a demo server and play with it.  We do not want those users to be able to RDP into any other system on our network.  Is this possible with this unit?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hyeh Mon, 05/10/2010 - 13:23
User Badges:

Hi,

You can try to use SSL VPN,

and create a SSL VPN Policy to limit the user to certain network resources.


Thanks

Henry

KOMNetworks Mon, 05/10/2010 - 13:28
User Badges:

So it is possible?  Are you sure or is this a guess?  I took a look through the various pages of config, users, VPN policies etc and it didn't jump out at me.  If a kind soul oculd point me in the right direction, FAQ, whatever, I would really appreciate it.

hyeh Mon, 05/10/2010 - 14:05
User Badges:

Hi,

You can specify a network resource that can be used by your customer

by Clicking VPN on the menu bar, and then click SSL VPN Server > Resources in the
navigation tree.


After that you can create SSL VPN Policies to limit your customer to the network
resource you specified in the previous step


You can find all the detail in the "Creating the SSL VPN Policies" and

"Specifying the Network Resources for SSL VPN" sections of the SA500 Administration Guide

http://www.cisco.com/en/US/products/ps9932/prod_maintenance_guides_list.html


Thanks

Henry

KOMNetworks Tue, 05/11/2010 - 08:38
User Badges:

Thanks for the push in the right direction.  I think I've got it now and I just need to do a bit of testing to confirm.


Thanks again.

Actions

This Discussion

Related Content