03-27-2017 01:39 PM - edited 02-21-2020 09:12 PM
Hello,
I'm new to Cisco AnyConnect on the Cisco ASA but have used regular IPSec VPN Remote Access tunnels in the past.
I'm struggling with how to limit network access with AnyConnect. In the past with IPSec VPNs, each IP pool was tied to a group policy and I could permit/deny based on that IP Pool.
Can someone help me grasp how to permit/deny subnets with Cisco AnyConnect on the ASA running 9.7(1) code?
Thanks!
Solved! Go to Solution.
03-27-2017 03:25 PM
The network access restriction with Anyconnect would have to be done using VPN filter ACL's, just like you would do it with IPsec RA. An guide of hoe to do it is here:
http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/99103-pix-asa-vpn-filter.html#anc6
03-27-2017 03:25 PM
The network access restriction with Anyconnect would have to be done using VPN filter ACL's, just like you would do it with IPsec RA. An guide of hoe to do it is here:
http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/99103-pix-asa-vpn-filter.html#anc6
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: