Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Limiting VPN Client Access to resources

VPN Client ver

How do I restrict access to VPN clients terminating on a PIX firewall. PIX has multiple subnets, and I would like certain users access to specific hosts.

2 REPLIES
New Member

Re: Limiting VPN Client Access to resources

1- remove sysopt connection permit-ipsec, and use ACL on outside

2. use nat 0 only for permited hosts

New Member

Re: Limiting VPN Client Access to resources

well then that would defeat, and practically eliminate the use of the VPN client, correct? i do require encrypted traffic. thanks for the help.

after further research, i do believe that configuring different groups as well as assigning different IPs to these groups, in addition to assigning users under the groups should solve this problem. the clients will then be configured to connect under the group assigned to them to ensure proper configuration. this configuration still maintains the encryption requirement.

215
Views
0
Helpful
2
Replies
CreatePlease login to create content