Solved

How do I apply access rules to VPN connections on my ASA 5510?

Posted on 2008-10-14
Last Modified: 2010-04-21
I have recently finished configuring my Cisco ASA 5510 for remote VPN access. How do I create access rules (ACLs) just for the incoming VPN connections?
Question by:RobFarley
4 Comments
 
LVL 10

Expert Comment

by:kyleb84
ID: 22716592
You probably just have to catch them by port, then assign it to your WAN interface.

access-list 110 deny tcp X.X.X.X y.y.y.y x.x.x.x Y.Y.Y.Y eq 1723

-OR-

Give them their own subnet, and ACL that on your Vlan1 interface.
 

Author Comment

by:RobFarley
ID: 22716607
My apologies, but that was a bit over my head. I am accustomed to using the ASDM GUI. Command line is a challenge for me. Can you be a bit more specific?
 
LVL 4

Accepted Solution

by:
yurisk earned 125 total points
ID: 22716642
A bit unclear to me: are you trying to restrict traffic inside the VPN tunnel, or do you mean an ACL to be pushed to the client as the encryption domain?
Or in other words, what are you trying to achieve?

BTW, if you mean restricting traffic inside the VPN tunnel (permit/deny access by IPs), here is a link that can help (no GUI, sorry):
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_23801754.html

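The two cases the accepted answer distinguishes, shown side by side as an added ASA CLI example that is not part of any post in this thread. The client pool 10.10.10.0/24, the LAN 192.168.1.0/24, the server 192.168.1.10 and the names VPN-FILTER, SPLIT-TUNNEL and RA-VPN-POLICY are assumptions chosen for illustration.

```cisco
! Constructed example. Assumed values: VPN client pool 10.10.10.0/24,
! internal LAN 192.168.1.0/24, server 192.168.1.10, and the hypothetical
! names VPN-FILTER, SPLIT-TUNNEL and RA-VPN-POLICY.
!
! Case 1: restrict traffic inside the VPN tunnel (permit/deny by IP).
! By default (sysopt connection permit-vpn) decrypted tunnel traffic
! bypasses the interface ACLs, so the filter is attached to the group
! policy instead. In a vpn-filter ACL the remote (client) side is always
! written as the source and the local side as the destination.
access-list VPN-FILTER extended permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.10 eq 3389
access-list VPN-FILTER extended permit udp 10.10.10.0 255.255.255.0 host 192.168.1.10 eq domain
access-list VPN-FILTER extended deny ip any any log
!
! Case 2: ACL pushed to the client as the encryption domain (split tunnel).
! This only tells the client which destinations to send through the
! tunnel. It is not an access control; Case 1 does the enforcement.
access-list SPLIT-TUNNEL standard permit 192.168.1.0 255.255.255.0
!
! Attach both ACLs to the group policy used by the remote-access users.
group-policy RA-VPN-POLICY internal
group-policy RA-VPN-POLICY attributes
 vpn-filter value VPN-FILTER
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-TUNNEL
!
! After a client reconnects, the hit counts show which entries matched:
! show access-list VPN-FILTER
```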
 

Author Closing Comment

by:RobFarley
ID: 31506091
Thanks for your help! I am going to try a different approach.

Question has a verified solution.
