Hi,
We have an ASA configured for VPN access, and very large subnets are allowed for VPN. We have created the VPN users in ACS and restrict their access via downloadable ACLs, and on RSA we have created the users and assigned them RSA tokens.
Problems:
~~~~~~~~
1) How can we restrict VPN users' access to our network devices? Currently all VPN users can connect to all network devices.
A downloadable ACL on ACS is not good enough: suppose we restrict a VPN user to a particular subnet via dACL. Once he reaches the devices in that subnet, from that device (switch/router) he is somehow allowed to get to all devices. How can we restrict a VPN user so that, if he is allowed to access only the Subnet 1 switch, he cannot go to the Subnet 2 switch/router, etc.?
2) We have hundreds of RSA tokens and it's hard to manage them. Is there any better solution than RSA tokens? Is there any newer technology better than this?
Thanks
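To make problem (1) concrete, here is an added illustration; it is not from the original post and not the poster's configuration. The point it shows is that the ACS downloadable ACL is applied by the ASA to traffic arriving over the VPN tunnel only, so it bounds where the VPN client itself may connect, not where a switch or router reached inside Subnet 1 may connect onward. The addresses, hostnames and ACL names below are constructed for the example.

```text
! --- ACS downloadable ACL pushed to the ASA for this VPN user (constructed example, ASA ACL syntax) ---
! Assumed addressing: Subnet 1 = 10.1.1.0/24, Subnet 2 = 10.1.2.0/24, management host = 10.1.9.10
! The ASA evaluates these lines only for packets coming out of the user's VPN tunnel.
permit tcp any 10.1.1.0 255.255.255.0 eq 22
deny ip any any

! --- Switch in Subnet 1 (IOS) ---
! Nothing on this device consults the dACL above, so a session opened here can run
! "ssh 10.1.2.1" and the ASA never sees that second hop.

! --- Switch/router in Subnet 2 (IOS): enforce a management-plane ACL on the VTY lines ---
! Only the management host may open SSH to this device. The Subnet 1 switch's own
! address is not permitted, so the hop from Subnet 1 into Subnet 2 is refused here,
! regardless of what the VPN user was allowed at the ASA.
ip access-list standard MGMT-ACCESS
 permit 10.1.9.10
 deny   any log
!
line vty 0 4
 access-class MGMT-ACCESS in
 transport input ssh
```

The VTY `access-class` is enforced per device and does not depend on the ASA or ACS, which is what closes the gap the post describes. If the switches and routers also authenticate administrators against ACS (for example over TACACS+), the same user can additionally be denied device-administration access there, but the per-device management ACL is the control that holds even when a user already has a shell on a neighbouring device.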