Allowing VPN Network access to specific list

Hi guys,

I'm still a newbie with the ASA appliance. I've set up my VPN on the Cisco ASA 5505, which works perfectly; users from outside can access my internal LAN.

Now what I want is to create another VPN tunnel group with another set of IPs, which I want to allow access to one server inside our LAN. See the network details below:

VPN IP pool: 10.10.10.200-210

Server on LAN: 10.10.10.45

Can this be done??

Thanks in advance.

Terence


1 REPLY


OK, so there are actually multiple ways to do this, depending upon the situation.

1) If users are locally authenticated, then you can create an ACL and call it under the group-policy as a VPN filter.

    For example:

    access-list 104 extended permit ip <10.10.200.0 255.255.255.0>
    group-policy xxxx internal
    group-policy xxxx attributes
    vpn-filter value 104

2) You can configure the same thing per user if they are authenticated locally.

    username xxxx attributes
    vpn-filter value 104

3) If user authentication is configured on ACS, then you can also control access by using a downloadable access list.

Thanks

Ajay
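
Added example, not part of the reply above and not Cisco's own code: a Python script that generates the group-policy `vpn-filter` configuration from option 1 for the pool and server given in the question. The pool 10.10.10.200-210 is not a single subnet, so the script splits it into exact blocks; the ACL, group-policy, tunnel-group and pool names are hypothetical.

```python
import ipaddress


def vpn_filter_aces(acl, pool_first, pool_last, server):
    """ACEs for a vpn-filter ACL: source = VPN pool (remote side), destination = server."""
    first = ipaddress.IPv4Address(pool_first)
    last = ipaddress.IPv4Address(pool_last)
    dst = ipaddress.IPv4Address(server)
    if first > last:
        raise ValueError("pool start is above pool end")
    if first <= dst <= last:
        raise ValueError("server address lies inside the VPN pool")
    aces = []
    # A pool such as .200-.210 is not one subnet; split it into exact CIDR
    # blocks so the filter never matches an address outside the pool.
    for net in ipaddress.summarize_address_range(first, last):
        if net.prefixlen == 32:
            src = f"host {net.network_address}"
        else:
            src = f"{net.network_address} {net.netmask}"
        aces.append(f"access-list {acl} extended permit ip {src} host {dst}")
    return aces  # the ACL's implicit deny drops everything else


def restricted_vpn_config(pool_first, pool_last, server,
                          acl="VPN-ONE-SERVER", policy="GP-ONE-SERVER",
                          tunnel="TG-ONE-SERVER", pool="POOL-ONE-SERVER"):
    """Config for a second tunnel group (all object names are hypothetical)."""
    lines = [f"ip local pool {pool} {pool_first}-{pool_last}"]
    lines += vpn_filter_aces(acl, pool_first, pool_last, server)
    lines += [
        f"group-policy {policy} internal",
        f"group-policy {policy} attributes",
        f" vpn-filter value {acl}",
        f"tunnel-group {tunnel} type remote-access",
        f"tunnel-group {tunnel} general-attributes",
        f" address-pool {pool}",
        f" default-group-policy {policy}",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    # Pool and server addresses are the ones given in the question above.
    print(restricted_vpn_config("10.10.10.200", "10.10.10.210", "10.10.10.45"))
```

The generated ACL should be used only as a `vpn-filter`, not also bound to an interface with `access-group`, and the filter takes effect for sessions established after it is applied.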



