Re: Restrict SSL VPN access

dxtileryii · ‎11-10-2011

Hi,

In using ASAs is there a way to filter the IPs that are allowed to access your SSL VPN. I know I can limit access on where users can go to and access etc. However, I am more interested in filtering who is even able to get to the SSL Web VPN page. General rules on the outside Interface to do not work and Web ACLs seemed to be limited to resources after you are connected.

ajay chauhan · ‎11-10-2011

ASA(config)# https outside

This way you can restrict but not sure how you are going to manage internet IPs if not fixed.

Thanks

Ajay

dxtileryii · ‎11-10-2011

That command is for ASDM access and doesn't impact SSL VPN connections

ajay chauhan · ‎11-10-2011

Pls read this.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807be2a1.shtml

Thanks

Ajay

dxtileryii · ‎11-11-2011

Hello, I did read it and this isn't the same thing. I don't even have ASDM enabled for outside access so I don't see ports as an issue. currently SSL is the only thing being served via the outside interface.

Sent from Cisco Technical Support iPhone App

vikz230884 · ‎11-14-2011

Hi Donnell,

you mean the login page ? Don't think we can restrict the login page itself...

HTH,

Vikram

dxtileryii · ‎11-14-2011

yeah that is the conclusion I am coming to. Kind of surprised there isn't a way without an additional appliance to do the filtering.

Sent from Cisco Technical Support iPhone App