Cisco VPN remote access: VPN users and server are on the same subnet

Hi,

We have a customer that has remote access VPN configured on an ASA 5525.

When VPN users connect, they take an address on the same subnet as the servers they need to connect to (172.17.2.0/24).

I want to filter the communication between the VPN users and the servers.

I want to restrict VPN users to access only some servers. How can I do this?

Can a vpn-filter access-list block traffic between two addresses on the same subnet?
1 REPLY

Hi,

Why do you want to keep the VPN pool and server zone in the same subnet range? How can you have such a scenario?

In the VPN filter rule, you can put the deny statements for the hosts/subnet first to deny that access, with the permit statements below them to allow the required access. Or you can have permit statements for specific hosts alone in the ACL, and the implicit deny will take care of denying the rest.

Regards

Karthik
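The two ACL layouts described in the reply above, as an added ASA configuration example that is not part of the original thread. The ACL and group-policy names, the pool range 172.17.2.192/26 and the server addresses are assumptions; only the 172.17.2.0/24 subnet comes from the question.

```text
! Constructed example. Assumed values: VPN pool 172.17.2.192/26,
! servers 172.17.2.10, .11 and .20, group-policy name RA-VPN-POLICY.
! In a vpn-filter ACL the VPN client (remote) address is always written
! in the source position and the protected host in the destination.

! Layout 1: permit only the required servers; the implicit deny at the
! end of the ACL drops everything else, including the rest of the subnet.
access-list VPN-FILTER-PERMIT-ONLY extended permit tcp 172.17.2.192 255.255.255.192 host 172.17.2.10 eq 443
access-list VPN-FILTER-PERMIT-ONLY extended permit tcp 172.17.2.192 255.255.255.192 host 172.17.2.11 eq 3389

! Layout 2: explicit deny entries first, broader permit below them.
! Entries are matched top-down, so the deny must precede the permit.
access-list VPN-FILTER-DENY-FIRST extended deny ip 172.17.2.192 255.255.255.192 host 172.17.2.20
access-list VPN-FILTER-DENY-FIRST extended permit ip 172.17.2.192 255.255.255.192 172.17.2.0 255.255.255.0

! Attach one of the ACLs to the group policy used by the remote access users.
group-policy RA-VPN-POLICY attributes
 vpn-filter value VPN-FILTER-PERMIT-ONLY
```

A changed vpn-filter applies only to sessions established after the change, so connected users have to reconnect before the new rules take effect.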
