Cisco Pix 501 VPN Question

I am setting up a connection between a remote office and a client.  They are going to be connecting to the Pix 501 using the Easy VPN Client.  There are about 10 servers and 50 users on the internal network.  I only want the client to have access to 2 of the servers and that's it!!  There also will be various ports open to them..  Could someone tell me the best way to go about setting this up???  I have the VPN connection working, but they are able to see everything on the network.

Thanks

Nick
Paisley-ConsultingAsked:
Who is Participating?
 
grbladesConnect With a Mentor Commented:
Hi Paisley-Consulting,
There are two ways around this problem.

1) Configure split tunneling so that only traffic to the two internal IP addresses is sent across the VPN. You cannot restrict what ports people are permitted to connect to though.

2) Setup a Radius authentication server and configure it to issue an access-list to a particular users session. See my website for a tutorial.
http://www.gbnetwork.co.uk/networking/ciscopixvpnradius.html
0
 
Paisley-ConsultingAuthor Commented:
Thank You for the quick response.  I am going to be using the split tunneling method to restrict them.

Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.