
Block IP's from accessing clientless VPN

jf1134
Level 1

We have a web URL set up so that our users can go to the site and download the AnyConnect client.

In the last week, we have been getting tons of failed login attempts that I believe are coming from people trying to log in. There are some common IPs and I have set up an ACL that denies IP to any, but they are still coming through. I also tried configuring the NSG in Azure to deny any traffic from those IPs, but that doesn't work. Our ASA is an ASAv in Azure.

Is there any way to block specific IPs from being allowed to even load that site? I even tried to put it behind our Cloudflare WAF and set up a rule to deny the IPs, and that didn't work either.

3 Replies

@jf1134 you could use a control-plane ACL or an ACL on the router in front of the ASA to block the traffic or use the "shun" command, although I don't believe that survives a reboot.

Ruben Cocheno
Spotlight

@jf1134 

You can always try some Geolocation if possible

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/

This is the second post on the same issue.

And my reply is the same.

Use shun or a control-plane ACL.

Did you check my previous reply?

MHM
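
The control-plane ACL and `shun` options suggested in the replies above, shown next to an ordinary interface ACL, as an added example that is not part of the original thread. The addresses are constructed documentation ranges, and the interface name `outside`, the ACL names and the object-group name are assumptions.

```cisco
! Constructed example: 203.0.113.10 and 198.51.100.0/24 are documentation
! addresses standing in for the offending sources. "outside", OUTSIDE-IN,
! CP-OUTSIDE and VPN-BLOCKLIST are assumed names.

! Before: an ordinary interface ACL. It filters traffic passing THROUGH the
! ASA, not traffic addressed TO the ASA itself, so the AnyConnect/WebVPN
! portal on the outside interface still answers these sources.
access-list OUTSIDE-IN extended deny ip host 203.0.113.10 any
access-group OUTSIDE-IN in interface outside

! After: the same kind of deny entries, bound with the control-plane keyword
! so they are evaluated for to-the-box traffic.
object-group network VPN-BLOCKLIST
 network-object host 203.0.113.10
 network-object 198.51.100.0 255.255.255.0
access-list CP-OUTSIDE extended deny ip object-group VPN-BLOCKLIST any
! Explicit permit so every other source can still reach the portal.
access-list CP-OUTSIDE extended permit ip any any
access-group CP-OUTSIDE in interface outside control-plane

! Alternative for a single source: shun drops its connections immediately.
! Shuns are not stored in the configuration, so re-apply after a reload.
shun 203.0.113.10

! Verify: hit counts on the deny entry and the list of active shuns.
show access-list CP-OUTSIDE
show shun
```

Rising hit counts on the deny entry in `show access-list CP-OUTSIDE` confirm that the blocked sources are being dropped before they reach the login page.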