Cisco Support Community

VPN user restrictions to network devices

Hi,

We have an ASA configured for VPN access, and very large subnets are allowed for VPN. We have created VPN users in ACS and restrict the users' access via a downloadable ACL, and on RSA we have created the users and assigned them RSA tokens.

Problems:

~~~~~~~~

1) How can we restrict VPN users to our network devices, as currently all VPN users can connect to network devices?

A downloadable ACL on ACS is not good enough. Suppose we have restricted a VPN user to a particular subnet via dACL: once he reaches that subnet's devices, then from that device (switch/router) he is somehow allowed to get to all devices. HOW CAN WE RESTRICT A VPN USER SO THAT IF HE IS ALLOWED TO ACCESS ONLY THE SUBNET 1 SWITCH, HE CANNOT GO TO THE SUBNET 2 SWITCH/ROUTER ETC.?

2) We have hundreds of RSA tokens and it's hard to manage these. Is there any better solution than RSA tokens? Any latest technology better than this?

THANKS

1 REPLY

VPN user restrictions to network devices

Hello. Is TACACS configured on your network devices? This would allow you to restrict what the user has access to.

HTH

Andy
