
Access control on VPN

leungyp
Level 1

I have set up VPN client 1.1 connecting to a PIX-525 with extended authentication by Cisco ACS 3.0 (TACACS+).

My customer wants to have access control by user group for some of the servers.

Could I assign IP addresses by TACACS+ and then filter them by ACL?

Or is there another way to achieve that?

1 Reply

HEATH FREEL
Level 1

1st. Turn off Sysopt Permit-IPsec

2nd. Change your Client to the VPN 3000 3.5

3rd. Create Groups using different IP pools

4th. Create Conduits/Access-list to allow/deny access based on IP Pool.

At least that is how I would do it.
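
The steps in the reply above, sketched as a PIX 6.x configuration fragment. This is an added example, not part of the original post: the group names, pool names, address ranges, server addresses, ports and the ACL name `outside_in` are all constructed, and the group keys are placeholders.

```cisco
: Step 1: stop IPsec traffic from bypassing the interface ACLs, so that
: decrypted VPN packets are checked against the ACL on the outside interface
no sysopt connection permit-ipsec

: Step 3: one address pool per user group (constructed ranges)
ip local pool POOL-FINANCE 10.99.1.1-10.99.1.254
ip local pool POOL-STAFF 10.99.2.1-10.99.2.254

: Bind each VPN group to its own pool (group keys are placeholders)
vpngroup finance address-pool POOL-FINANCE
vpngroup finance password <finance-group-key>
vpngroup staff address-pool POOL-STAFF
vpngroup staff password <staff-group-key>

: Step 4: permit per pool; anything not listed falls to the implicit deny
: finance pool may reach both servers (constructed hosts and ports)
access-list outside_in permit tcp 10.99.1.0 255.255.255.0 host 192.168.10.10 eq 1433
access-list outside_in permit tcp 10.99.1.0 255.255.255.0 host 192.168.10.20 eq 80
: staff pool may reach the web server only
access-list outside_in permit tcp 10.99.2.0 255.255.255.0 host 192.168.10.20 eq 80

: Assumes outside_in is the ACL applied inbound on the outside interface
access-group outside_in in interface outside
```

The pool a client receives follows the vpngroup it connects with, so each group needs its own group key, and the ACL entries have to be kept in step with the pool ranges.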
