Solved: anyconnect acl

ctp · ‎02-02-2011

Hi network gurus

I cannot find anywhere how to ACL my anyconnect client trafic

People speek of a vpn-filter. But I cannot find the option in ADSM 6.3(1)

The only option thats similar to this is under Remote Access VPN\Clientless SSL VPN Access\Group policies\General\More Options\web acl

I fear this only applies to trafic going through the web portal, as it has no affect on my AnyConnect clients. I only want to block tcp/25 smtp trafic from my clients, so only need 1 or 2 linies

I looked at this page http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080641a52.shtml but its a old ADSM used in the example.

Can anyone lead me on my way?

Thanks

Bastien Migette · ‎02-02-2011

I just took a screenshot on ASDM 6.4 (latest). It might be a bit different on your version but the menu should remain pretty the same.

The vpn-filter command is to use in CLI in the configuration group.

Just modify the group policy that is used by your anyconnect profile so that you can define an IP Filter.

I hope this help.

View solution in original post

Bastien Migette · ‎02-02-2011

I just took a screenshot on ASDM 6.4 (latest). It might be a bit different on your version but the menu should remain pretty the same.

The vpn-filter command is to use in CLI in the configuration group.

Just modify the group policy that is used by your anyconnect profile so that you can define an IP Filter.

I hope this help.

ctp · ‎02-02-2011

I could kiss you. I have looked at though the ADSM so many times, and the freaking option was just in front of me

Thank you so much for your help!

Bastien Migette · ‎02-02-2011

You're welcome