Solved: Can you Restrict a VPN user to a subnet?

lhoyle · ‎12-22-2006

We have a vendor requesting VPN access. His access needs to be limited to the subnet his products reside. We have a 3020. I cannot find how we can restrict him.

Any ideas will helpful.

Thanks,

Lee

kamal-learn · ‎12-24-2006

hi

under GUI interface of your concentrator create a nework-list VENDOR where you specify the networks that can be reached by this client (allowed networks) enable (split tunneling policy) check the box (only tunnel nertwork in the list) choose the nework list that you ve created before called i.e VENDOR.

so what happens at the other side ? if he will try to access one of your networks that are not specified in your network-list the vpn client software will not tunnel that traffic instead it will be forwarded to his/her default gateway.

HTH

do rate if it does help

View solution in original post

kamal-learn · ‎12-24-2006

hi

under GUI interface of your concentrator create a nework-list VENDOR where you specify the networks that can be reached by this client (allowed networks) enable (split tunneling policy) check the box (only tunnel nertwork in the list) choose the nework list that you ve created before called i.e VENDOR.

so what happens at the other side ? if he will try to access one of your networks that are not specified in your network-list the vpn client software will not tunnel that traffic instead it will be forwarded to his/her default gateway.

HTH

do rate if it does help