Solved: Re: Deny Partner Remote VPN User to Acces Corporate Users PC's U

kiran kumar Chamakura · ‎05-27-2011

Hi Experts,

Setup:

We have configured IPSEC Site - Site VPN between Cisco ASA 5510 and Sonicwall.

Tunnel is up and running fine we are able to access the Partner Remote Workstation and Vis Versa.

Requirment: We want to deny Remote VPN Users, who are our Partner to access out Workstation.

Example:

Remote IP Range: 192.168.200.x/2r4

Local IP Range: 192.168.10.x/24

Deny traffic comming from 192.168.200.x/24 to 192.168.10.x/24

Thanks in Advance

Kiran Kumar CH

Federico Coto Fajardo · ‎05-27-2011

Hi Kiran,

You want to deny certain IPs from the remote LAN (of the L2L tunnel), to connect to your workstation?

So, if the remote network is 192.168.200.0/24, you want to deny some of those machines to connect to 192.168.10.x?

If this is so, you can create VPN ACLs (VPN filters) on the ASA to restric the traffic through the tunnel based on IPs.

Please clarify if I misunderstood.

Federico.

Federico Coto Fajardo · ‎05-27-2011

Hi Kiran,

You want to deny certain IPs from the remote LAN (of the L2L tunnel), to connect to your workstation?

So, if the remote network is 192.168.200.0/24, you want to deny some of those machines to connect to 192.168.10.x?

If this is so, you can create VPN ACLs (VPN filters) on the ASA to restric the traffic through the tunnel based on IPs.

Please clarify if I misunderstood.

Federico.

kiran kumar Chamakura · ‎05-30-2011

Hi Federico.

I have done the same, it worked thank you I have rated you, you have solved my problem

Thanks and Regards

Kiran Kumar CH

Deny Partner Remote VPN User to Acces Corporate Users PC's Using Site to Site VPN