Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 515 and VPN CLIENT

Is there any way to configure the pix to limit the vpn users access some specific ports like telnet for example.

Thanks,

2 REPLIES
New Member

Re: PIX 515 and VPN CLIENT

What if you try to define the access list used by nat (inside) 0 to deny telnet and permit anything else.

say your ip local pool vpn is 192.168.12.1-192.168.12.10

access-list 101 deny tcp 192.168.12.0 255.255.255.0 eq telnet any

access-list 101 permit 192.168.12.0 255.255.255.0 any

NAT (inside) 0 access list 101

try this if this will work.Ü

New Member

Re: PIX 515 and VPN CLIENT

sorry it should be

access-list 101 deny tcp 192.168.12.0 255.255.255.0 any eq telnet

261
Views
0
Helpful
2
Replies
CreatePlease login to create content