Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco Pix 501 VPN Question

Posted on 2004-08-05
2
Medium Priority
?
979 Views
Last Modified: 2010-04-11
I am setting up a connection between a remote office and a client.  They are going to be connecting to the Pix 501 using the Easy VPN Client.  There are about 10 servers and 50 users on the internal network.  I only want the client to have access to 2 of the servers and that's it!!  There also will be various ports open to them..  Could someone tell me the best way to go about setting this up???  I have the VPN connection working, but they are able to see everything on the network.

Thanks

Nick
0
Comment
Question by:Paisley-Consulting
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 1000 total points
ID: 11730158
Hi Paisley-Consulting,
There are two ways around this problem.

1) Configure split tunneling so that only traffic to the two internal IP addresses is sent across the VPN. You cannot restrict what ports people are permitted to connect to though.

2) Setup a Radius authentication server and configure it to issue an access-list to a particular users session. See my website for a tutorial.
http://www.gbnetwork.co.uk/networking/ciscopixvpnradius.html
0
 

Author Comment

by:Paisley-Consulting
ID: 11735220
Thank You for the quick response.  I am going to be using the split tunneling method to restrict them.

Thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question