Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
227
Views
0
Helpful
1
Replies

Restricting VPN Flow with Concentrator

murphyw
Level 1
Level 1

‎04-11-2006 06:45 AM

Hi everyone,

I am trying to restrict what VPN Connections have access to on our inside network. I have got it working for clients using the VPN Client software, using a mixture of Rules (source/destination addresses/port) and Filters (assign the approriate filter to the group the user is a member of.

This works and i can lock down where the clients connecting get go and also what ports/protocols can be used.

Is this the best way to acheive this ?

Anyhow, the problem i am having is if i take this approach for a WebVPN Client. I am locking down to HTTP/HTTPS/DNS/RDP In/Out and for some reason when i apply the Filter to the group, the SSLVPN Client will no longer download. Is this the correct way to do this ? Anyone know whats stopping the SSLVPN Client from downloading using this ?

I am write in that i don't need to add anything in the filter to all https traffic from the External Interface on the Concentrator ?

Thanks in advance

Labels:
0 Helpful
1 Reply 1

mchin345
Level 6
Level 6

‎04-17-2006 07:59 AM

VPN Client Blocking by Operating System and Type -

Adds the ability to restrict the different types of VPN clients (software client, router, VPN 3002, or Cisco PIX, for example) that are allowed to connect based on the type of client, operating system installed, and version of VPN client software

Supports restricting or preventing access to noncompliant VPN clients

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet0900aecd80225ae1.html

0 Helpful
Customers Also Viewed These Support Documents