Ip Filtering for Remote Access VPN

Arif
Level 1
Hello,

On my Cisco ASA 5516X Firepower (FTD) device, Remote Access VPN is running, but I want to set IP filtering on it. Only the external IP address 1.1.1.1 should be able to log in to the VPN. How can I set this?

My configuration rules for Remote Access are:

#   Source Zones   Destination Zones   Source Network    Destination Network
1   OutboundNet    InternalNet         VPNnetwork        InternalNetwork
2   InternalNet    OutboundNet         InternalNetwork   VPNnetwork

Accepted Solutions

Hi,

I don't think this is possible on FTD, unless you can configure a control-plane ACL via FlexConfig... this possibly isn't supported by Cisco though. You could apply an ACL on the upstream router, permitting/denying the traffic accordingly. Alternatively, if you were using a 2FA solution such as Duo, that can restrict traffic from source.

HTH
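
A sketch of the two filtering points the accepted answer names, added here as an example and not taken from the post or from Cisco: an ACL on an upstream IOS router, and an ASA-syntax control-plane ACL of the kind a FlexConfig object would carry. VPN session setup is traffic addressed to the firewall itself, which is why the zone-based rules in the question (they match VPNnetwork traffic after the tunnel is up) do not control who may connect. Assumptions: the VPN is SSL/DTLS on port 443, 203.0.113.10 is a placeholder for the headend's public address, and the interface names GigabitEthernet0/0 and outside, like the ACL names, are hypothetical.

```cisco
! Constructed values: 203.0.113.10 = placeholder for the VPN headend's public IP.
! 1.1.1.1 is the permitted client address from the question.
!
! --- Option A: upstream IOS router, inbound on the Internet-facing interface ---
! Assumes no other ACL is already bound to this interface.
ip access-list extended RAVPN-SOURCE-FILTER
 ! Allow the one permitted source to reach the headend (TLS and DTLS)
 permit tcp host 1.1.1.1 host 203.0.113.10 eq 443
 permit udp host 1.1.1.1 host 203.0.113.10 eq 443
 ! Drop and log every other source trying to reach the VPN listener
 deny   tcp any host 203.0.113.10 eq 443 log
 deny   udp any host 203.0.113.10 eq 443 log
 ! Leave all unrelated traffic untouched
 permit ip any any
!
interface GigabitEthernet0/0
 ip access-group RAVPN-SOURCE-FILTER in
!
! --- Option B: ASA-syntax control-plane ACL (candidate FlexConfig content) ---
! Filters traffic terminating on the firewall itself, not transit traffic.
! The deny entries are written explicitly rather than relied on as a default.
access-list RAVPN-CP extended permit tcp host 1.1.1.1 any eq 443
access-list RAVPN-CP extended permit udp host 1.1.1.1 any eq 443
access-list RAVPN-CP extended deny tcp any any eq 443
access-list RAVPN-CP extended deny udp any any eq 443
access-group RAVPN-CP in interface outside control-plane
```

If the headend also terminates IKEv2/IPsec clients, UDP 500 and 4500 need the same permit/deny pairs.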
