VPN client

resfat2001 · ‎07-13-2005

Hi,

Please, is there a way to deny to a user to modify the vpn client configuration (group name and password, IP address of remote host) ????????

Thanks

resfat2001 · ‎07-13-2005

n

resfat2001 · ‎07-14-2005

NO solution???

j.rounkles · ‎07-14-2005

I am not aware of any way that this is possible.

rbays@angelo.edu · ‎07-18-2005

I don't know if anyone has pointed you to this document, but it does have some helpful information on what parameters you can control on the VPN cleint by making a custom install. At one point, it mentions that you can add a "!" to a parameter to make it read only. Hope it helps out. If you can't get to the link, it is the Administrator's Guide for VPN client 4.6. I know these have been available since at least vertion 3.6.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_administration_guide_book09186a00802d5d97.html

jackko · ‎07-18-2005

thanks rbays@angelo.edu

it works!

below is the related info from the admin guide mentioned.

Making a Parameter Read Only

To make a parameter read-only so that the client user cannot change it within the VPN Client applications, precede the parameter name with an exclamation mark (!). This controls what the user can do within the VPN Client applications only. You cannot prevent someone from editing the global or .pcf file and removing the read-only designator.

for example open the pcf file by notepad

!Host=xxx.xxx.xxx.xxx

AuthType=1

!GroupName=vpnclient