[c-nsp] Downloadale acl for ASA-pix to VPN-clients
Fred Reimer
freimer at ctiusa.com
Sun May 4 09:42:25 EDT 2008
Yes and no. The ACL isn't downloaded to the VPN client itself, it is
downloaded to the ASA and enforced at that point. It's pretty simple, and
here are the references.
http://www.cisco.com/en/US/partner/docs/security/asa/asa80/configuration/gui
de/fwaaa.html#wp1043588
And:
http://www.cisco.com/en/US/partner/docs/security/asa/asa80/configuration/gui
de/vpngrp.html#wp1133080
Sorry for the partner links, but you can do your own search. It's all in
the configuration guides. I know it sounds simple, but just download the
command line configuration guide, and read it.
Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Arne Larsen / Region Nordjylland
> Sent: Sunday, May 04, 2008 3:53 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Downloadale acl for ASA-pix to VPN-clients
>
> Hi All.
> Is it possible via RADIUS to download access-list to a vpn client that
> is connecting to an ASA-firewall, so that the clients are restricted
> separately. And how is it done.
> Any links or example would be appreciated.
>
> /Arne
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3080 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20080504/bb3656c2/attachment.bin
More information about the cisco-nsp
mailing list