08-26-2008 04:51 AM - edited 03-11-2019 06:36 AM
I have a few 5505s running L2L to a 5520. At all of the locations where i have 5505s there is just one PC. I have disabled DHCP, static IP on the PC, and disabled unused ports. This is to prevent people from bringing laptops from home. Well there is a company that needs someone to access the internet to update their software. Is there any kind of Mac address filters in an ASA? I want to block everything except a few MAC's. Of course i don't want that person to access the L2L.
08-26-2008 05:11 AM
mac ACL support in ASA in transperante mode, however transperant mode dose not support VPN
but if u can give that client a static IP u can exclude his IP from the vpn ACL that match the interesting traffic to be sent through the L2L tunnel
or allaw only some IPs to be included in the VPN ACL and any thing not included will not bring up the VPN tunnel
good luck
if helpful Rate
08-26-2008 05:41 AM
I have thought about that already and it isn't an option because the user would have to enter the IP each time they need to use the connection. I think i'll just tell them to buy a wireless air card from the cell provider..lol
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: