Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

restrict access to IKE to specific locations

Hi all,

Is it possible to restrict IP access to a defined list of dynamic VPN users?

We have an external test site and I would like to limit VPN access to defined trusted locations only (ie our office). The users need to use their desktop VPN client in order to replicate the non-test environment so I can't implement a site to site VPN etc. In fact I can't change much at all really with respect to actual implementation :)

I've tried adding a relevant access list to the control plane of the ASA on the outside interface but this doesn't seem to have any effect on IKE.

Many Thanks,

Jon

1 REPLY

Re: restrict access to IKE to specific locations

Jon-

I've never actually tried it but it looks like this could help.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/ike.html#wp1052788

101
Views
0
Helpful
1
Replies