I'm working on a Uni project to set up a secure network. One aspect is to have a VPN for clients of the imaginary company to access web based services.
I have set up a simple clientless SSL VPN which works and gives access to the DMZ with the web server. However it also allows access to other DMZs which I do not want clients accessing. Website
webvpn
enable outside
exit
How do I go about either directing/restricting the VPN only to a single DMZ? Do I need to use ACLs of some sort or should I be looking at policies based on the usernames or something else entirely?