Hi ... If I understood correctly ... you want to allow access to one server only for your remote users .. this can be done by controlling the access at the VPN concentrator as per my previous post.
If you initiate another session from the above server to lets say another server by using Remote desktop .. then the VPN concentrator can do nothing about it as the traffic does not traverse it. The same applies to any device terminating the VPN connection. to restrict further connection you need to implement some kind of HIPS ( Host intrution prevention system such as CSA ) on the desktops and servers to control that type of connections.
Thanks for your prompt response and information, Fernando.
Sorry for not making my questions clear. I want to allow the terminal service (remote desktop) to this server after the users login to VPN Concentrator, not terminal service to another server from this server. By using the instructions from the previous post, the users can't terminal service (Remote Desktop, etc. ) to this server after they login to VPN Concentrator, but can access everything on this server. I would like to allow the users to terminal service to one server AFTER they login to VPN. Then, I only allow them to access this server after they terminal service to this server. Please let me know if I have not explained myself clearly.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :