I currently have an Anyconnect VPN SSL connection for my outside users. But I have a vendor that does not what to create an IPSEC tunnel, but whats a remote connection to remote a server on my network. How can I lock down an account to one or a few servers without giving access to the whole network?
You can configure a VPN filter in the group policy, you can follow this documentation to configure the filter, remember that the access-list should be configured inbound direction:
Regards, please rate.
You can apply this in a group policy
Create the access-list
access-list vpnfilt-ra permit ip remote_IP mask local_ip mask
group-policy test attributes
vpn-filter value vpnfilt-ra