Block access to Remote Access VPN by IP Address

PerryGuy621
Level 1

I am running a couple of Cisco FTD 2110s managed with FMC and am looking for the best way to block access to our remote access VPN by IP. From doing some reading, it looks like the best (and only?) way to do this is via a control plane ACL deployed via FlexConfig. I saw another post that showed how this could be accomplished via geo, but I am unsure of that syntax. I'm hoping someone could provide the syntax that is used or point me towards some documentation for this?

 

Thank you!

46 Replies

Lee Dress
Level 1

So here's what I have done to mitigate the whack-a-mole issue.

I installed 2 OPNSense firewalls as my edge routers to the internet. They have next-gen ability to use GeoIP and IP lists like ET and FireHOL. Then I set up rules to block traffic based on those lists. I've also created a report in Firepower to give me AAA authentication errors so I can tell how many hits I'm taking, and if those IP addresses aren't on a list, then I can add them manually at the edge.

 

Can you deploy an OPNSense firewall in front of the FTD in transparent/non-routed mode?
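The control plane ACL the original post asks about, and the "add them manually at the edge" step from the reply, as an added example that is not from this thread or from Cisco: the script below takes a FireHOL/ET-style feed (a constructed sample is embedded) and emits the FlexConfig lines for an ASA/FTD control-plane ACL, which is the `access-group <acl> in interface <nameif> control-plane` form that filters to-the-box traffic only, not traffic through the box. The object-group name `BLOCK_RAVPN_SRC`, the ACL name `RAVPN_CONTROL_PLANE` and the `outside` nameif are assumptions for the example, as is the choice to deny only the RA VPN listeners (TLS/DTLS on 443, IKEv2 on UDP 500/4500) rather than `deny ip`. Two details matter in practice: feeds contain duplicates, overlapping prefixes and junk, so the entries are validated and collapsed before they become `network-object` lines, and an ACL ends in an implicit deny, so the trailing `permit ip any any` is what keeps legitimate VPN users, SSH and FMC management reachable.

```python
"""Emit FlexConfig lines for an FTD/ASA control-plane ACL that blocks a set of
source addresses from reaching the remote-access VPN listeners.

Example code written for this thread; the group/ACL/interface names and the
sample blocklist are assumptions, not values from the original posts.
"""
import ipaddress

# Constructed sample in the one-entry-per-line style of FireHOL/ET feeds.
# It deliberately contains a comment, a duplicate host (once bare, once /32),
# an overlapping prefix and a garbage line so the normalisation is exercised.
SAMPLE_BLOCKLIST = """\
# constructed sample, not a real feed
198.51.100.7
198.51.100.7/32
203.0.113.0/24
203.0.113.128/25
2001:db8:bad::/48
not-an-ip
"""

# RA VPN listeners to deny: AnyConnect/Secure Client TLS and DTLS on 443,
# IKEv2/IPsec on UDP 500 and 4500 (NAT-T).
RAVPN_LISTENERS = (("tcp", 443), ("udp", 443), ("udp", 500), ("udp", 4500))


def parse_blocklist(text):
    """Return (ipv4_networks, ipv6_networks), deduplicated and collapsed."""
    v4, v6 = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            continue   # skip junk rather than deploy a broken object-group
        (v4 if net.version == 4 else v6).append(net)
    # collapse_addresses removes exact duplicates and any prefix already
    # covered by a larger one (203.0.113.128/25 disappears into the /24).
    return (list(ipaddress.collapse_addresses(v4)),
            list(ipaddress.collapse_addresses(v6)))


def network_object_line(net):
    """One object-group member in ASA/FTD syntax."""
    host_len = 32 if net.version == 4 else 128
    if net.prefixlen == host_len:
        return f" network-object host {net.network_address}"
    if net.version == 4:
        return f" network-object {net.network_address} {net.netmask}"
    return f" network-object {net.with_prefixlen}"


def flexconfig_lines(blocklist_text, group="BLOCK_RAVPN_SRC",
                     acl="RAVPN_CONTROL_PLANE", nameif="outside"):
    """Build the object-group, the ACL and the control-plane access-group."""
    v4, v6 = parse_blocklist(blocklist_text)
    if not v4 and not v6:
        raise ValueError("blocklist is empty; refusing to emit an ACL with no sources")
    lines = [f"object-group network {group}"]
    lines += [network_object_line(n) for n in v4 + v6]
    for proto, port in RAVPN_LISTENERS:
        lines.append(f"access-list {acl} extended deny {proto} "
                     f"object-group {group} any eq {port}")
    # Implicit deny at the end of every ACL: without this permit the
    # control-plane ACL would also cut off all other to-the-box traffic.
    lines.append(f"access-list {acl} extended permit ip any any")
    # "in" is the only valid direction for a control-plane access-group.
    lines.append(f"access-group {acl} in interface {nameif} control-plane")
    return lines


if __name__ == "__main__":
    print("\n".join(flexconfig_lines(SAMPLE_BLOCKLIST)))
```

Paste the output into a FlexConfig object in FMC, attach it to the device's FlexConfig policy and deploy; because the feed changes, the object has to be regenerated and redeployed each time, which is the same maintenance burden the reply describes, only done at the FTD instead of an OPNSense edge. If FMC already manages a network object group for the blocked sources, keep the group there and reference it from the FlexConfig text instead of emitting the `object-group` block, so the two do not fight over the same name.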
