Do split tunnel ACLs support port #s?

Unanswered Question
Feb 17th, 2004

Hello,


I want to lock down some VPN client users in a particular group that connect to our router so that they can only access RDP on a server. I cannot seem to get this to work through a split tunnel ACL for the group:


access-list 100 permit tcp host 192.168.5.10 192.168.3.0 0.0.0.255 eq 3389


It seems that, because of the way the split tunnel ACL specifies the source and destination subnets (they are reversed for split tunneling), it can't support a destination TCP port on the LAN? (I have tried the ACL many other ways and I can't get it to work.)


Is there any way to make it work with a split tunnel ACL, or do I just have to configure different VPN client subnets for each group and filter them on an interface ACL?
