11-16-2003 09:09 PM - edited 02-21-2020 12:52 PM
I tried to use
access-list acl_out deny ip "vpn client ip subnet" "
server ip"
to control the vpn client access to some servers in the company lan.
However it seems not work. Is there any other way to do it?
Appreciate lots.
11-17-2003 05:13 AM
you could control access using a deny in your "no nat" access-list before the permit,
e.g. access-list no_nat deny ip host 'serverip' 'vpn client ip subnet'
hth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community