cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
201
Views
0
Helpful
2
Replies

Allowing VPN access from Guest

npagadua69
Level 1
Level 1

I have applied an access list to my guest vlan to have internet access only. This process is working fine. Now i would like to allow users (corporate) who are on the Guest vlan to VPN to my internal network. Please advise.

I am running this on 4506 SupIV

access-list 100 permit udp any eq bootpc host 255.255.255.255 eq bootps

access-list 100 permit ip any host 24.234.0.71

access-list 100 permit tcp any any eq 443

access-list 100 deny ip 192.168.190.0 0.0.0.255 host 192.168.53.5

access-list 100 deny ip 192.168.190.0 0.0.0.255 host 192.168.1.2

access-list 100 permit tcp any any eq www

access-list 100 deny ip 192.168.190.0 0.0.0.255 192.0.0.0 0.255.255.255

access-list 100 deny ip any any

2 Replies 2

jackko
Level 7
Level 7

to permit ipsec vpn, you need to open:

udp 500

udp 4500

ip 50 (i.e. esp)

thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: