Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Restricting Traffic to a web page via WEBVPN

Hi all,

I would very much like your help.

I have setup two features for the customer on an ASA5500 appliance.

1) IPSEC client vpn access for home/remote users to access the LAN. This works fine.

2) WEBVPN for specific users who need to access a particular application on the LAN remotely via a HTTPS page.

Now, 1) works perfectly so this can be ignored. However, the customer suggested as one of their requirements that they would like only 2 srouce ip addresses to be allowed to access the https site remotely. I have raised a tac case with cisco who said that this cannot be done. I thought this might be as simple as using an ACL to permit only certain IP's to the site but have not been successful in gettng this to work. I was wondering if anyone had any other revelations. The config is ATTACHED.

Thanks and regards,

Randeep CCSP


Re: Restricting Traffic to a web page via WEBVPN

why don't you restrict access by usernames/groups instead of IP's?

TAC is right, btw, what your customer wants cannot be done with IP restriction.

Community Member

Re: Restricting Traffic to a web page via WEBVPN

Hmm you are right. I just tried it in the lab. Used ACL's, Web-type ACL's - applied these as filters to the group and no luck.

Cisco Tac say its a bug that has now been pushed to the design team with my case attached!! something to note i guess!

Thank u so much for your help.



ps. will use user / group restriction instead! :o)

CreatePlease to create content