I have been trying to use cisco-avpairs on our Windows 2003 IAS server with the ip:inacl option so that I can allow VPN users to ONLY remote control their work machines (RDP-Port 3389). Does anyone out there have an example of this or one that allows only certain ports? My cisco-avpair allows everything even though I try to limit it to DNS and RDP. I would show you what I have but I am trying hard not to show my stupidity.
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...