Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can you Restrict a VPN user to a subnet?

We have a vendor requesting VPN access. His access needs to be limited to the subnet his products reside. We have a 3020. I cannot find how we can restrict him.

Any ideas will helpful.

Thanks,

Lee

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Can you Restrict a VPN user to a subnet?

hi

under GUI interface of your concentrator create a nework-list VENDOR where you specify the networks that can be reached by this client (allowed networks) enable (split tunneling policy) check the box (only tunnel nertwork in the list) choose the nework list that you ve created before called i.e VENDOR.

so what happens at the other side ? if he will try to access one of your networks that are not specified in your network-list the vpn client software will not tunnel that traffic instead it will be forwarded to his/her default gateway.

HTH

do rate if it does help

1 REPLY
Bronze

Re: Can you Restrict a VPN user to a subnet?

hi

under GUI interface of your concentrator create a nework-list VENDOR where you specify the networks that can be reached by this client (allowed networks) enable (split tunneling policy) check the box (only tunnel nertwork in the list) choose the nework list that you ve created before called i.e VENDOR.

so what happens at the other side ? if he will try to access one of your networks that are not specified in your network-list the vpn client software will not tunnel that traffic instead it will be forwarded to his/her default gateway.

HTH

do rate if it does help

115
Views
5
Helpful
1
Replies
CreatePlease login to create content