so I've got a customer (custA) who wants to allow users of a customer of theirs (custB) to connect to custA's network via an ASA using Cisco VPN clients. I'm trying to secure it as much as possible. Can I somehow limit VPN Client connections to the ASA of custA from custB using the public IP of custB site?
The ASA has other LAN 2 LAN VPN sites that connect to it.
A LAN 2 LAN is not the preferred option here, specified by custA.
I have split tunneling to limit what IP's custB will connect to.
Via an ACL I have defined what ports and IP they connect to.
RSA will be used but in a couple of months time.
XAUTH is configured and using local usernames and passwords.
The public IP of custB is 18.104.22.168 (example for reference)