I am trying to restrict what VPN Connections have access to on our inside network. I have got it working for clients using the VPN Client software, using a mixture of Rules (source/destination addresses/port) and Filters (assign the approriate filter to the group the user is a member of.
This works and i can lock down where the clients connecting get go and also what ports/protocols can be used.
Is this the best way to acheive this ?
Anyhow, the problem i am having is if i take this approach for a WebVPN Client. I am locking down to HTTP/HTTPS/DNS/RDP In/Out and for some reason when i apply the Filter to the group, the SSLVPN Client will no longer download. Is this the correct way to do this ? Anyone know whats stopping the SSLVPN Client from downloading using this ?
I am write in that i don't need to add anything in the filter to all https traffic from the External Interface on the Concentrator ?
VPN Client Blocking by Operating System and Type -
Adds the ability to restrict the different types of VPN clients (software client, router, VPN 3002, or Cisco PIX, for example) that are allowed to connect based on the type of client, operating system installed, and version of VPN client software
Supports restricting or preventing access to noncompliant VPN clients
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :