02-15-2010 01:06 AM - edited 02-21-2020 04:30 PM
Hi,
Is there a way to restrict the vpn connection to an ip address and a port? I can do an ip address only but can we restrict it with only one port ? I mean the user should only connect to one port?
Thanks
Solved! Go to Solution.
02-15-2010 09:41 AM
Hello,
You should be able to restrict access for a particular user to a specific destination IP and port by using a vpn-filter. Here is a link that can help you understand and configure a vpn-filter on your ASA.
As you can see from the information provided in the link you can apply the vpn-filter to the group-policy however, doing so ALL users connecting to that group-policy will inherit the vpn-filter and be restricted to what you have defined within the ACL on the filter. In your case it would be best to simply apply your vpn-filter ACL to the specific user under their attributes. When that particular user connects their access will be restricted to what you have configured in the vpn-filter while all other users will continue to have unrestricted access.
I hope this info helps!
- Jason Espino
02-15-2010 09:41 AM
Hello,
You should be able to restrict access for a particular user to a specific destination IP and port by using a vpn-filter. Here is a link that can help you understand and configure a vpn-filter on your ASA.
As you can see from the information provided in the link you can apply the vpn-filter to the group-policy however, doing so ALL users connecting to that group-policy will inherit the vpn-filter and be restricted to what you have defined within the ACL on the filter. In your case it would be best to simply apply your vpn-filter ACL to the specific user under their attributes. When that particular user connects their access will be restricted to what you have configured in the vpn-filter while all other users will continue to have unrestricted access.
I hope this info helps!
- Jason Espino
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: