Create an anyconnect VPN to a specific Vlan on Cisco ASA 5506

LogicalIT
Level 1

Hello,

 

Excuse my ignorance, but how would I (if possible) set up an ASA 5506 AnyConnect VPN to only go to a manually created VLAN? We have a department that should only have access to the devices that are on VLAN 20 and not reach any other networks. Is it also possible to do it through ASDM?

1 Accepted Solution


Francesco Molino
VIP Alumni
Hi

During the VPN creation, you can decide to tunnel all traffic or specific traffic. You can choose to tunnel specific traffic. This will ask you to create an ACL in which you can put only your VLAN 20.

If the VPN is already in use and you want to filter some specific users to this VLAN only, you can assign an ACL called vpn-filter to these users.
If you need help with configuration, let me know which situation you're in.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
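
The two options from the answer above, written out as ASA CLI. This is an added example, not configuration posted in the thread: the split-tunnel list only tells the client which routes to send into the tunnel, while the vpn-filter ACL is what the ASA enforces. All names and addresses are assumptions (VLAN 20 as 192.168.20.0/24, a dedicated client pool of 10.10.50.0/24, a local-database user `dept_user1`).

```cisco
! Constructed example: every name and address below is an assumption.
! VLAN 20 subnet            : 192.168.20.0/24
! Department AnyConnect pool: 10.10.50.0/24

! Dedicated address pool so the filter can match these clients by source
ip local pool DEPT_POOL 10.10.50.10-10.10.50.50 mask 255.255.255.0

! 1) Split-tunnel list: routes pushed to the client. This is routing only,
!    not access control.
access-list DEPT_SPLIT standard permit 192.168.20.0 255.255.255.0

! 2) vpn-filter ACL: enforced on the ASA for traffic leaving the tunnel.
!    In a vpn-filter ACL the remote (client) side is written as the source
!    and the local network as the destination.
access-list DEPT_VPN_FILTER extended permit ip 10.10.50.0 255.255.255.0 192.168.20.0 255.255.255.0
! Explicit deny with logging so blocked attempts show up in syslog
access-list DEPT_VPN_FILTER extended deny ip any any log

! Group policy that carries both settings
group-policy DEPT_GP internal
group-policy DEPT_GP attributes
 vpn-tunnel-protocol ssl-client
 address-pools value DEPT_POOL
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value DEPT_SPLIT
 vpn-filter value DEPT_VPN_FILTER

! Bind a local-database user to the restricted policy
username dept_user1 attributes
 vpn-group-policy DEPT_GP
 service-type remote-access
```

Reconnect the user's session after applying the filter, then confirm the filter name on the session with `show vpn-sessiondb detail anyconnect filter name dept_user1`. Do not reuse the vpn-filter ACL in an interface `access-group`.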


Thank you for the assistance. In this case the VPN is already set up. What would be my next steps? I am not sure where to find the place to assign an ACL for it.

Ok. Can you share your config please?
Are users authenticating against a RADIUS server or using the local database?
If you share it, I'll be able to provide the config part for your need.
Here is a doc explaining vpn filter:
https://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/99103-pix-asa-vpn-filter.html

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Thanks, after redoing the VPN and seeing the options I was able to add the ACL etc. Appreciate the help!