https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895025#M954591 <P>Hi,</P><P>I have Pix with some vpn clients configured, it is working fine, but the crypto list permissions has total IP access, I need to implement permissions only to my Server with a specific port, but, if I do that, I lost the vpn clients access.</P><P></P><P>Please, can somebody help </P><P></P><P>Martin </P> Mon, 11 Mar 2019 12:05:44 GMT mcelec 2019-03-11T12:05:44Z https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895025#M954591 <P>Hi,</P><P>I have Pix with some vpn clients configured, it is working fine, but the crypto list permissions has total IP access, I need to implement permissions only to my Server with a specific port, but, if I do that, I lost the vpn clients access.</P><P></P><P>Please, can somebody help </P><P></P><P>Martin </P> Mon, 11 Mar 2019 12:05:44 GMT https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895025#M954591 mcelec 2019-03-11T12:05:44Z https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895026#M954592 <HTML><HEAD></HEAD><BODY><P>Can you post the relevant portions of your config...</P></BODY></HTML> Fri, 29 Feb 2008 15:59:59 GMT https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895026#M954592 brettmilborrow 2008-02-29T15:59:59Z https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895027#M954593 <HTML><HEAD></HEAD><BODY><P>Thanks Brett, </P><P>that is my current configuration, thing is, I need to implement two VP-groups, firts one has total access (172.20.1.0), then, I need the second one with limited access(172.25.1.0), I need that pool access the server(192.168.1.1 only with 1433 port.</P><P></P><P>can you help me please?</P><P></P><P>Martin </P></BODY></HTML> Mon, 03 Mar 2008 19:00:02 GMT https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895027#M954593 mcelec 2008-03-03T19:00:02Z https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895028#M954595 <HTML><HEAD></HEAD><BODY><P>that is the conf</P><P></P><P> </P><P></P></BODY></HTML> Mon, 03 Mar 2008 19:15:18 GMT https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895028#M954595 mcelec 2008-03-03T19:15:18Z https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895029#M954598 <HTML><HEAD></HEAD><BODY><P>The cisco recommended method to achieve this is to use split tunneling. This method will work, but does introduce the risk of access between a users local (potentially unsafe) network to your LAN whilst connected to the VPN.</P><P></P><P>You would need to configure your device similarly to this:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml</A></P><P></P></BODY></HTML> Tue, 04 Mar 2008 13:28:08 GMT https://community.cisco.com/t5/network-security/regulate-vpn-clients-permission/m-p/895029#M954598 brettmilborrow 2008-03-04T13:28:08Z