Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1214
Views
0
Helpful
0
Comments

How to prevent the Cisco VPN Client from accessing certain networks behind the VPN Concentrator

TCC_2
Level 10
Level 10

on ‎06-22-2009 05:35 PM

Resolution

In order to block Cisco VPN Client access to certain networks behind the VPN Concentrator, complete these steps:

  1. Create a group for the Cisco VPN Client. For help with this, refer to IPsec with VPN Client to VPN 3000 Concentrator Configuration Example.

  2. Choose Configuration > Policy Management > Traffic Management > Network List and click Add.

  3. Add the network that you wish for the VPN Client to access (for example, 20.x.x.x) and enter a unique name for this network list.

  4. Choose Configuration > User Management > Group and locate the group that you created in step 1.

  5. Go to the Client Config tab and choose Split Tunneling Policy.

  6. Click the Only tunnel networks in the list drop-down menu and select the split tunneling address list that you created in step 3.

  7. Save the configuration.

  8. Initiate the VPN Client connection and try to access any network other than what is defined in the network list. You should see that the VPN Client is now unable to access those networks.
Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents