Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Block a host going through vpn

How can I block a single host from going through a vpn if it's part of a subnet that's allowed through a vpn? These are public IPs so there's no nonat acl that I could throw a deny in. Thanks.

3 REPLIES

Re: Block a host going through vpn

Question - why would you want to block a specific host? How are you actually assigning IP addresses, if it's by DHCP - then anyone could pick up that DHCP address.

Re: Block a host going through vpn

If you know the source IP of the host, you can use vpn-filter.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9a87.shtml

Syed iftekhar Ahmed

New Member

Re: Block a host going through vpn

Our client did not want a specific host to go across the vpn. We ended up just putting a deny statement in the interesting traffic acl on both sides. Thanks for the help.

102
Views
0
Helpful
3
Replies