cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4042
Views
10
Helpful
1
Replies

Restricting Anyconnect VPN user to a IP by a specific port

robinandjiang
Level 1
Level 1

How can i restrict Anyconnect VPN users, only to a pariticular ip address with a specific port  in may inside network, say 10.10.10.50 with port 80, block any other ports like 3389.

i tried both the commands and associated with Group Policy.

access-list www extended permit tcp host 10.10.10.50 eq http object NETWORK_OBJ_172.11.11.0_24

or

access-list www extended permit tcp host 10.10.10.50  object NETWORK_OBJ_172.11.11.0_24 eq http

172.11.11.0 is my vpn dhcp scope.

but i still can reach 10.10.10.50 by RDP (PORT 3389)

any suggestion.

thanks.

1 Accepted Solution

Accepted Solutions

Hi,

You can use VPN Filter to restrict the access you require, example here and here.

 

HTH

View solution in original post

1 Reply 1

Hi,

You can use VPN Filter to restrict the access you require, example here and here.

 

HTH

Review Cisco Networking for a $25 gift card