Cisco Support Community

Restricting VPN Flow with Concentrator

Hi everyone,

I am trying to restrict what VPN connections have access to on our inside network. I have got it working for clients using the VPN Client software, using a mixture of Rules (source/destination addresses/port) and Filters (assign the appropriate filter to the group the user is a member of).

This works and I can lock down where the clients connecting can go and also what ports/protocols can be used.

Is this the best way to achieve this?

Anyhow, the problem I am having is if I take this approach for a WebVPN Client. I am locking down to HTTP/HTTPS/DNS/RDP In/Out and for some reason when I apply the Filter to the group, the SSLVPN Client will no longer download. Is this the correct way to do this? Anyone know what's stopping the SSLVPN Client from downloading using this?

I am right in that I don't need to add anything in the filter to allow https traffic from the External Interface on the Concentrator?

Thanks in advance


Re: Restricting VPN Flow with Concentrator

VPN Client Blocking by Operating System and Type -

Adds the ability to restrict the different types of VPN clients (software client, router, VPN 3002, or Cisco PIX, for example) that are allowed to connect based on the type of client, operating system installed, and version of VPN client software.

Supports restricting or preventing access to noncompliant VPN clients.
