Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Allowing VPN access from Guest

I have applied an access list to my guest vlan to have internet access only. This process is working fine. Now i would like to allow users (corporate) who are on the Guest vlan to VPN to my internal network. Please advise.

I am running this on 4506 SupIV

access-list 100 permit udp any eq bootpc host 255.255.255.255 eq bootps

access-list 100 permit ip any host 24.234.0.71

access-list 100 permit tcp any any eq 443

access-list 100 deny ip 192.168.190.0 0.0.0.255 host 192.168.53.5

access-list 100 deny ip 192.168.190.0 0.0.0.255 host 192.168.1.2

access-list 100 permit tcp any any eq www

access-list 100 deny ip 192.168.190.0 0.0.0.255 192.0.0.0 0.255.255.255

access-list 100 deny ip any any

2 REPLIES
Gold

Re: Allowing VPN access from Guest

to permit ipsec vpn, you need to open:

udp 500

udp 4500

ip 50 (i.e. esp)

New Member

Re: Allowing VPN access from Guest

thanks

98
Views
0
Helpful
2
Replies
CreatePlease login to create content