03-31-2003 01:34 PM - edited 02-21-2020 12:26 PM
I have already setup on my PIX 515 a VPN connection that allows user to connect to our network via a cisco VPN client to access network resources.
What I want to setup now is another VPN connection that external users can use but would only allow access to one host.
Ex. I would VPN in to my site but would only be allowed to access 10.1.1.1 on my network.
How can I do this? Do I need to setup another VPNGROUP and somehow setup an access list to only allow traffic to one host. Can someone help with the correct syntax for the PIX.
Thanks,
Scott
Solved! Go to Solution.
03-31-2003 10:34 PM
You'll currently have a bunch of "vpngroup
Another way to only allow access to one host for this PIX is to do split tunnelling on this group, and in the split tunnel ACL only define that one host.
03-31-2003 01:42 PM
Hi,
Just configure another group on the pix with a separate pool of ip address(subnet), and then configure an inbound acl on the inside interface to restrict traffic for those users to one host.
Thx
Afaq
03-31-2003 01:49 PM
How do I create another VPNGROUP. I see the how to set the options but not how to create it.
Thanks,
Scott
03-31-2003 10:34 PM
You'll currently have a bunch of "vpngroup
Another way to only allow access to one host for this PIX is to do split tunnelling on this group, and in the split tunnel ACL only define that one host.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide