Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
847
Views
0
Helpful
5
Replies

How to limit one ip address to have remote access VPN to PIX?

kokkeong-low
Level 1
Level 1

‎10-18-2006 06:23 AM - edited ‎02-21-2020 02:40 PM

I would like to allow only 1 public ip to have remote access vpn to a PIX 506E,

already remove sysopt connection permit-ipsec.

apply access-list on the outside interface, VPN tunnel still can be establish even if I, apply acl with deny ip any any.

Can any one help?

Labels:
0 Helpful
5 Replies 5

ivillegas
Level 6
Level 6

‎10-23-2006 09:08 AM

access list coule be the better option try reconfiguraing the access-list

0 Helpful

burim-koso
Level 1
Level 1
In response to ivillegas

‎10-24-2006 12:47 PM

Hi

In this case the access-list will have no effect,

If you have a router in front of the pix you can do the restrictions there.

regards

Burim

0 Helpful

kokkeong-low
Level 1
Level 1

‎10-26-2006 11:28 PM

There is no way to do it ?

0 Helpful

kokkeong-low
Level 1
Level 1

‎10-26-2006 11:30 PM

the problem is this is a broadband connection to isp, the broadband router does not have any firewall capability.

0 Helpful

burim-koso
Level 1
Level 1
In response to kokkeong-low

‎10-27-2006 12:32 AM

Hi

to make this remote access more secure i would say to you try to implement certificate authentication and aaa, this the best way i think

regards

Burim

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents