×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cisco ASA remote access vpn permissions

Unanswered Question
Mar 14th, 2014
User Badges:

hi all ,

i  wan to ask a question in  remote acces vpn

 

actually i have asa with 

---outside-------ASA------inside

i configured RAvpn with cisco cpn client

when i logged by vpn , i can access every hting in the inside lan

 

i just want to use an acl to put some restrictions

i confiigured acl on the outside interface that deny ips of vpn pool to reach somehting inside the network

but

 

its not working !!

i mean there is no match int he acl on the outside interface ???!!!

 

im wondering 

 

does that i did is correct ?

 

does the vpn  users when they conneted to outside public ip interface are dealled as they are outside ?

or dealled as they are inside ??

 

and also , how set restricstions on the vpn users  connected  ???

 

regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
LA-Engineer Sun, 03/16/2014 - 18:16
User Badges:

I would use a vpn-filter on the group-policy to controller access for vpn users.  If you have the 'sysopt connection permit-vpn" invoked, VPN traffic will bypass your ACL applied on the 'outside' interface.

Actions

This Discussion