I try to restrict access to the remote site from a vpn user using a vpn client software.
- concentrator vpn 3015 release 4.7.2.N-K9
- vpn client release 5.0.01.0600
the vpn connection is OK
I would like for example, to block http traffic on the remote site for a group (to block intranet access for example). One of my collegues told me that I have to use firewall filter and rules but i havn't succed yet.
My user "bundy" in the group "groutcho"
I've created a filter (in traffic management) which contains two rules (drop http inbound for all adresses, and drop http outbound for all adresses) one rules should be necessary but i put two to be sure !
I've configured the groutcho group in the "client firewall" tab to require cisco integrated firewall and to push my policy (the filter with the two drop rules)
Howether, the user can steal access a web server on the remote site.
I've tried to restrict all accesses (with two drop-all rules) but it also doesn't work, the user has full access to the remote site.
The only thing i manage to controll is to deny vpn-connection when the user doesn't have the good firewall on his computer.
Could you help me configuring correctly the concentrator in order to restrict access to the remote site ?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :