Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

RV220W -- Can I set up an IPSec VPN to only allow access to a single LAN IP?

Hello,

I have an IPSec VPN (client-to-router) set up and working beautifully. I can access my network from most anywhere and can access all of the network resources, no problem. I do this by IP address, since I do not have NetBIOS enabled. For example, once I connect, I can RDP to 192.168.98.xxx and connect to any one of my machines.

My question is this:

I would like to give another person VPN access, but only to a specific machine on the network. I want them to be able to ping/connect to 192.168.98.135 only and not be able to directly connect to any other machine.

I realize that once they RDP to the .135 box I will still need to deal with security from that point on. I also realize that their ability to see/ping other IP addresses on the network does not mean much without credentials for what they might try to access. But still, is there a way to do this?

Thanks in advance!

Anthony

2 REPLIES
Bronze

RV220W -- Can I set up an IPSec VPN to only allow access to a si

Depending on if you are assigning static IPs or not to the clients,  you may be able to put in an access rule or static route that will limit a particular IP address.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

RV220W -- Can I set up an IPSec VPN to only allow access to a si

Anthony, Do the following please:

  1. Create access lists.
  2. Associate them with group policies.
  3. Associate those group policies with tunnel groups.
376
Views
24
Helpful
2
Replies