[c-nsp] Restricting vpn client access on 506e
Serguei Bezverkhi
sbezverkhi at hotmail.com
Tue May 31 12:04:02 EDT 2005
Hi,
You need to disable explicit permit of IPSec traffic by using:
No sysopt connection permit-ipsec
Then you need to add permit for IPSec traffic which you want to allow to
your outside access list.
HTH
Serguei
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jason Beltrame
Sent: Tuesday, May 31, 2005 11:55 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Restricting vpn client access on 506e
What is the best way to restrict traffic for clients who are VPN'ing
to the server using the cisco vpn client. I want to be able to
restrict them to tcp 3389 only. I try to add that to the spit tunnel
acl, but no luck. Any ideas would be great :)
Thanks,
Jason
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list