https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587372#M1055142 <HTML><HEAD></HEAD><BODY><P>Hi .. sure ... basically you need to need to create a subnet list and the apply it to the respective VPn group.</P><P></P><P>1.- go to Configuration | Policy Management | Traffic Management | Network Lists</P><P></P><P>create list and add the subnet(s) you want to allow access.</P><P></P><P>2.- go to Configuration | User Management | Groups</P><P>select the respective group and clikc on Modify for accessing the grup properties.</P><P></P><P>3.- Select the 'Client config' tab and add the network list you created on point one to the </P><P>Split Tunneling Network List option. Also UNTICK the 'inherited' option that appears beside it.</P><P></P><P>4.- Make sure your network knows how to route back to the Ip pool allocated to teh VPN clients.</P><P></P><P>This should allow this vpn group access to only the subnet(s) included on the list.</P><P></P><P></P><P></P><P></P><P>I hope it helps ... please rate if it it does !!!</P><P></P><P></P></BODY></HTML> Sun, 14 May 2006 11:34:05 GMT Fernando_Meza 2006-05-14T11:34:05Z https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587371#M1055141 <P>We have the VPN 3005 Concentrator. The users are authenticated through IPSEC through VPN client. How do we setup so that the users can only access a selected subnet? Thanks.</P> Fri, 21 Feb 2020 08:53:55 GMT https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587371#M1055141 dianewalker 2020-02-21T08:53:55Z https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587372#M1055142 <HTML><HEAD></HEAD><BODY><P>Hi .. sure ... basically you need to need to create a subnet list and the apply it to the respective VPn group.</P><P></P><P>1.- go to Configuration | Policy Management | Traffic Management | Network Lists</P><P></P><P>create list and add the subnet(s) you want to allow access.</P><P></P><P>2.- go to Configuration | User Management | Groups</P><P>select the respective group and clikc on Modify for accessing the grup properties.</P><P></P><P>3.- Select the 'Client config' tab and add the network list you created on point one to the </P><P>Split Tunneling Network List option. Also UNTICK the 'inherited' option that appears beside it.</P><P></P><P>4.- Make sure your network knows how to route back to the Ip pool allocated to teh VPN clients.</P><P></P><P>This should allow this vpn group access to only the subnet(s) included on the list.</P><P></P><P></P><P></P><P></P><P>I hope it helps ... please rate if it it does !!!</P><P></P><P></P></BODY></HTML> Sun, 14 May 2006 11:34:05 GMT https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587372#M1055142 Fernando_Meza 2006-05-14T11:34:05Z https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587373#M1055143 <HTML><HEAD></HEAD><BODY><P>Thanks very much for your prompt response and information, Fernando. How do you verify step #4? Thanks.</P><P></P><P>Diane</P></BODY></HTML> Mon, 15 May 2006 13:53:34 GMT https://community.cisco.com/t5/network-security/access-on-selected-subnet/m-p/587373#M1055143 dianewalker 2006-05-15T13:53:34Z