Cisco Support Community
New Member

regulate Vpn clients permission

Hi,

I have a PIX with some VPN clients configured. It is working fine, but the crypto list permissions have total IP access. I need to implement permissions only to my server with a specific port, but if I do that, I lose the VPN clients' access.

Please, can somebody help?

Martin

4 REPLIES
New Member

Re: regulate Vpn clients permission

Can you post the relevant portions of your config...

New Member

Re: regulate Vpn clients permission

Thanks Brett,

That is my current configuration. The thing is, I need to implement two VPN groups: the first one has total access (172.20.1.0), and then I need the second one with limited access (172.25.1.0). I need that pool to access the server (192.168.1.1) only on port 1433.

Can you help me, please?

Martin

New Member

Re: regulate Vpn clients permission

That is the conf.

New Member

Re: regulate Vpn clients permission

The Cisco-recommended method to achieve this is to use split tunneling. This method will work, but does introduce the risk of access between a user's local (potentially unsafe) network and your LAN whilst connected to the VPN.

You would need to configure your device similarly to this:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml
