Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to limit one ip address to have remote access VPN to PIX?

I would like to allow only 1 public ip to have remote access vpn to a PIX 506E,

already remove sysopt connection permit-ipsec.

apply access-list on the outside interface, VPN tunnel still can be establish even if I, apply acl with deny ip any any.

Can any one help?

5 REPLIES
Silver

Re: How to limit one ip address to have remote access VPN to PIX

access list coule be the better option try reconfiguraing the access-list

New Member

Re: How to limit one ip address to have remote access VPN to PIX

Hi

In this case the access-list will have no effect,

If you have a router in front of the pix you can do the restrictions there.

regards

Burim

New Member

Re: How to limit one ip address to have remote access VPN to PIX

There is no way to do it ?

New Member

Re: How to limit one ip address to have remote access VPN to PIX

the problem is this is a broadband connection to isp, the broadband router does not have any firewall capability.

New Member

Re: How to limit one ip address to have remote access VPN to PIX

Hi

to make this remote access more secure i would say to you try to implement certificate authentication and aaa, this the best way i think

regards

Burim

555
Views
0
Helpful
5
Replies
CreatePlease login to create content