We need to provide a vendor access to a server located on the inside of the network (MS SQL Server). I have a couple questions along these lines:
1. We currently allow vpn access to IT staff on our ASA 5510 (which is privately managed). We currently have one authentication group for our IT staff. Is there a way to have two authentication groups? We're using a MS radius server to authenticate before access is approved.
2. Once the vendor is connected, what would be the best way to restrict them to only the one box?
Our concern is that they would be able to launch telnet, file share, etc...I realize this may be best handled by MS group, but was thinking about access lists..
The easiest way would be to create a second remote access tunnel group. Create a new ip pool for that group and apply it to a new policy for that group. You could then limit the access by being very specific with your nat exemption acl.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...