VPN access based on source IP via ACS5.5
02-18-2014 06:17 AM - edited 03-10-2019 09:24 PM
Hi All,
I want to allow one VPN user to access the VPN based on his public IP. For example, if the user accesses the VPN from 1.1.1.1, then only he should be able to connect to the VPN.
I created a network authorization profile under access policies as below:
systemuser=vpnuser1
endstationfilter=1.1.1.1
But it does not work: the user is able to connect from any public IP, and when I look into the monitoring and reports for logs, it matches a different rule, which is the last rule in the list, whereas the above rule is on top.
Can somebody help?
Labels: AAA
03-04-2014 06:32 AM
Hello Jain,
FYI
Security Group Access devices communicate with their peers and learn their SGT values. The Security Exchange Protocol-IP (SXP)-IP Mappings diagnostic tool connects to the device whose IP address you provide and lists the peer devices' IP addresses and SGT values.
You must select one or more of the device's peers. This tool connects to each of the peers that you select and obtains their SGT values to verify that these values are the same as the values that it learned earlier.
