I configure SSL vpn by use any connect option from outside interface through internet
when I finish the installion I can access to outside by web for install anyconnet agent
but i have problem that the ssl web browser allow for any user to open the page so i want the web browser page only available
for one user by choice ip address
how can i do that ?
Solved! Go to Solution.
If I understand correctly you only want a single known remote IP address to be able to connect to your SSL VPN.
To do that, you would need to use an ACL with the "control-plane" option. That makes the ACL apply to traffic TO the ASA (vs. the normal usage which affects traffic THROUGH the ASA).
Here is a good article on how to do that.
It was written for the old IPsec VPN client but you can easily adapt the method to specify tcp 443 (default for SSL/TLS used by AnyConnect clients unless you've specified an alternate port) as the destination transport protocol (tcp) and port (443).
object-group network ALLOWED_VPN_HOSTS network-object host x.x.x.x access-list OUT_IN extended permit tcp object-group ALLOWED_VPN_HOSTS host x.x.x.x access-group OUT_IN in interface outside
i did this access list as your requirement but same problem which i can access to ssl vpn by any user from outside