SECURING VPN PIX

r.kate
Level 1

Hi,

I have got a PIX 515 E UR; 6.22, which has got split-tunneling and is working well. I want to limit access to this PIX from certain IP blocks only, meaning road warriors are limited to certain ISPs only. Also, I need to log all incoming sessions which are attempting to hack in. Please can anyone point me in the right direction? I am using Win2k and L2TP over IPsec to connect to the PIX.

Any other suggestions appreciated.

Thanks

Raj

1 Reply

a-vazquez
Level 6

Hi,

See this example configuration:

access-list 101 permit ip 10.1.7.0 255.255.255.0 any

access-list 101 permit ip 10.1.8.16 255.255.255.240 any

access-group 101 in interface inside

All the traffic from the 10.1.7.0/24 network is allowed to enter the inside interface.

But only the IP addresses of 10.1.8.16-10.1.8.32 are allowed to enter the inside interface, as there is an implicit deny all at the end of access-lists. No other user will be allowed out.

You can also do outbound/inbound logging on the PIX.

Check this:

http://www.cisco.com/warp/public/110/pixsyslog.html
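To check an ACL like the one in the reply before applying it, the following added example (not part of the original post or Cisco's tooling) parses those two `access-list` lines, computes exactly which source addresses each network/mask pair covers, and evaluates sample sources with first-match semantics and the implicit deny. The helper names and the sample source addresses are constructed for illustration, and only the `permit ip <net> <mask> any` form is handled.

```python
import ipaddress

# The two ACL lines from the reply above, verbatim.
ACL_TEXT = """\
access-list 101 permit ip 10.1.7.0 255.255.255.0 any
access-list 101 permit ip 10.1.8.16 255.255.255.240 any
"""

def parse_acl(text):
    """Parse 'access-list <id> <action> ip <net> <mask> any' lines (only this form)."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) != 7 or tok[0] != "access-list" or tok[3] != "ip" or tok[6] != "any":
            continue  # other ACL forms are outside the scope of this sketch
        # PIX ACLs take a subnet mask here, not an IOS-style wildcard mask.
        # strict=True rejects a network address that is not aligned to its mask.
        net = ipaddress.ip_network(f"{tok[4]}/{tok[5]}", strict=True)
        entries.append((tok[1], tok[2], net))
    return entries

def evaluate(entries, acl_id, src):
    """First matching entry wins; no match falls through to the implicit deny."""
    addr = ipaddress.ip_address(src)
    for eid, action, net in entries:
        if eid == acl_id and addr in net:
            return action, str(net)
    return "deny", "implicit deny"

def permitted_range(net):
    """First and last address covered by an entry's network/mask pair."""
    return str(net.network_address), str(net.broadcast_address)

if __name__ == "__main__":
    acl = parse_acl(ACL_TEXT)
    for _, action, net in acl:
        print(action, net, permitted_range(net))
    # Constructed sample sources, chosen around the /28 boundaries.
    for src in ["10.1.7.200", "10.1.8.15", "10.1.8.16",
                "10.1.8.31", "10.1.8.32", "192.168.1.5"]:
        print(src, evaluate(acl, "101", src))
```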