Hi, some time ago we restricted access to our WebVPN portal via the following ACL:
access-list outside-control-plane remark Allow VPN Access From Office
access-list outside-control-plane extended permit object-group Net_Access object BCH_Man_Range any
access-list outside-control-plane remark Allow VPN Access From Secondary Office
access-list outside-control-plane extended permit object-group Net_Access object BCH_Office2 any
access-list outside-control-plane remark Default Blocker
access-list outside-control-plane extended deny ip any any
access-group outside-control-plane in interface OUTSIDE control-plane
and it worked fine
(the default blocker isn't needed based on what I've been reading, but it didn't seem to matter).
But we recently upgraded the firmware on our ASA5510 from, I think, 8.2 all the way up to 9.1.1,
and ever since then the ACL seems to be ignored and access is no longer restricted to our IP ranges.
It's accessible to any IP.
Could it have something to do with the fact that the IPs specified are the new network objects, first used in 8.3?
object network BCH_Man_Range
 subnet 62.232.86.80 255.255.255.240
 description Created during name migration