Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
449
Views
15
Helpful
3
Replies

Multiple VPN Connection for Different Profiles

Go to solution
LevAjar
Level 1
Level 1

‎11-09-2022 07:58 AM

Below is the scenario

  • > Client A : for VPN uses >> Cisco Anyconnect
  • > Client B : for VPN uses >> Cisco Anyconnect 

Why does it not allow in above case to continue with dual VPN connection on laptop/PC ? 

  • If you login to VPN with Client A, then can't access Client B systems
  • If you login to VPN with Client B, then can't access Client A systems 

 

What configurations needs to be updated to make it work seamless with dual Cisco Anyconnect VPN Connections ? 

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎11-09-2022 08:05 AM - edited ‎11-09-2022 08:36 AM

@LevAjar they are a couple of things you can do to achieve what you require.

- If you authenticate against ISE/RADIUS, client A is assigned a Downloadable ACL (DACL) that denies access to Client B systems and permits the other traffic. And Vice Versa, a different DACL is assigned to Client B which denies access to Client A resources and permits other traffic. Example

- Or assign a Group Policy and VPN filter to Client A, which denies access to Client B resources and permits the rest. And assign a different Group Policy and VPN filter for Client B. Example.

View solution in original post

3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎11-09-2022 08:05 AM - edited ‎11-09-2022 08:36 AM

@LevAjar they are a couple of things you can do to achieve what you require.

- If you authenticate against ISE/RADIUS, client A is assigned a Downloadable ACL (DACL) that denies access to Client B systems and permits the other traffic. And Vice Versa, a different DACL is assigned to Client B which denies access to Client A resources and permits other traffic. Example

- Or assign a Group Policy and VPN filter to Client A, which denies access to Client B resources and permits the rest. And assign a different Group Policy and VPN filter for Client B. Example.

Go to solution
MHM Cisco World
VIP
VIP

‎11-13-2022 10:57 AM

still this not solve friend ?

0 Helpful

Go to solution
LevAjar
Level 1
Level 1

‎11-14-2022 06:24 AM

@Rob Ingram / @MHM Cisco World  - Thanks for responding with options! 

I was more asking for my network/infrastructure engineers to try these options. 

Will go ahead and mark the answer as solution. Hoping it fixes! 

 

Thanks again for immediate response! Thank you! 

 

Regards,

Vels

Customers Also Viewed These Support Documents