I tried to create an ACL which was configured with source zone and destination zone both outside, with my public IP as the source IP and action deny, but once applied, I can still access the VPN sign-in page. Is there a way to block access to remote VPN from specific IPs?
If this is Firepower, a geo-based ACL is possible; if this is ASA (I am afraid, as far as I am concerned, it available on ASA code)
Yes, it's an FTD firewall managed by FMC running the latest 6.5 code. I'm trying to research and perhaps it needs to be a control panel access control instead of the typical ACL rule? Not sure how or if a control panel ACL can be configured with FMC/FTD?
Use flexconfig to deploy a control-plane AC; if it doesn't work, open a TAC case and mention this bug: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvn78593/?rfs=iqvred
Here is the guide for geolocation-based rules for reference:
I'm using geo ACL rules elsewhere and it works fine. I just can't restrict access to VPN landing page which is hosted from the firewall outside interface.
Try the flexconfig @Cristian Matei suggested, if that is feasible for you.
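
The control-plane ACL suggested in the thread, shown as an added example that is not part of any post. Ordinary access control rules filter traffic passing through the firewall, while the VPN sign-in page is traffic addressed to the outside interface itself, which is what the `control-plane` keyword on `access-group` covers. Assumptions: `CP-BLOCK-VPN` is a hypothetical ACL name, `203.0.113.10` is a documentation-range placeholder for the public IP to block, `outside` is the interface name, and on FMC the ACL is built as an extended access list object with the FlexConfig object carrying only the `access-group` line.

```text
! Resulting device configuration (constructed example, hypothetical names)

! 1. Extended ACL: deny the unwanted source, permit everything else
!    so other to-the-box traffic on the interface keeps working.
access-list CP-BLOCK-VPN extended deny ip host 203.0.113.10 any
access-list CP-BLOCK-VPN extended permit ip any any

! 2. Bind the ACL to traffic terminating on the outside interface itself.
!    Without "control-plane" the ACL only sees through-the-box traffic,
!    which is why the zone-based deny rule never matched the VPN page.
access-group CP-BLOCK-VPN in interface outside control-plane

! 3. Verify after deployment:
!    show running-config access-group
!    show access-list CP-BLOCK-VPN     (hit counts on the deny line should
!                                       increase when the blocked IP connects)
```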