Is it possible to restrict IP access to a defined list of dynamic VPN users?
We have an external test site and I would like to limit VPN access to defined trusted locations only (ie our office). The users need to use their desktop VPN client in order to replicate the non-test environment so I can't implement a site to site VPN etc. In fact I can't change much at all really with respect to actual implementation :)
I've tried adding a relevant access list to the control plane of the ASA on the outside interface but this doesn't seem to have any effect on IKE.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...