
Controlling VPN client access on pix

jeffrey.chong

Does anyone have any idea about controlling VPN client access once they are connected through the VPN (PIX)?

I tried using an access-list, but it does not filter correctly as defined by ports.


jay_colby

The sysopt permit IPsec will override the ACLs on the interfaces for your VPN traffic. You will need to take the sysopt out. Then on the outside interface build your ACL to allow ISAKMP and ESP/AH traffic. Once you do that you can limit your traffic per ACL on the outside or inside interface. That is up to you and your security policy.
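
The steps in the reply above, written out as a PIX configuration sketch. This is an added example, not part of the original reply; the ACL name `outside_in`, the PIX outside address 192.0.2.1, the VPN client pool 10.10.10.0/24 and the inside server 192.168.1.10 are assumed values.

```cisco
! Added example; all names and addresses below are assumed placeholders.
! 1. Stop IPsec traffic from bypassing the interface ACLs.
no sysopt connection permit-ipsec

! 2. Allow ISAKMP and ESP/AH to the PIX outside address, as the reply describes.
access-list outside_in permit udp any host 192.0.2.1 eq isakmp
access-list outside_in permit esp any host 192.0.2.1
access-list outside_in permit ah any host 192.0.2.1

! 3. Limit what VPN clients (pool 10.10.10.0/24) may reach, by port.
access-list outside_in permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.10 eq www
access-list outside_in permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.10 eq 443
access-list outside_in deny ip 10.10.10.0 255.255.255.0 any

! 4. Bind the ACL to the outside interface.
access-group outside_in in interface outside
```

If an ACL is already bound to the outside interface, add these entries to it rather than binding a second one, since `access-group` attaches a single ACL per interface. `show access-list outside_in` reports a hit count per entry, which confirms whether client traffic is matching the intended lines.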

carlogon

I will try to make some ACLs matching the interesting traffic on the inside interface; the sysopt command only overwrites the ACL on the outside interface.
