02-27-2002 08:50 AM - edited 02-21-2020 11:37 AM
Hi all,
can i assign a particular policy to a user that connects to my network with my PIX using VPN Client (which type of VPN Client?) ?
I think that i can do that with VPN Concentrator but can i do with PIX too?
Or can i assign a particular IPs to my managers, so can make access lists for them?
Thanks,
King Regards,
Riccardo
02-27-2002 09:02 AM
The Pix uses the "vpngroup" command in much the same way the Concentrator uses groups. You can set up multiple pools and assign them to different group names to build your access-lists from. You would need to use the Cisco Unified Client, which is actually the same as the concentrator client.
02-27-2002 09:31 AM
Thank you,
but how can i distinguish user by user?
how can i tell that the user "rick" has the IP 10.1.1.10 and can go only to 10.1.10.20 and that thet user "richard" can go anywhere?
i have to insert user into PIX?
Can i use and external DB (like MS Active Directory)?
Rick
02-27-2002 09:50 AM
Do you need each user to have different access or can each user be place in a group. On the client it uses the group name and password to "authenticate" to the PIX.
You could for example create an ip pool in the 192.168.10.x subnet. In the vpngroup command you specify the name of this pool. In your access-list you allow 192.168.10.x to get to what you want. Then create another pool for another group.
This link might give you some further insight os to how the client is setup.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/config/basclnt.htm#xtocid10
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide