CahitEy
asked on
VPN open/close ports
How could I open or close connected clients' allowed ports over VPN?
ASKER
Where is this command used?
These are on the CLI command line.
ASKER
It did not work :D I think I am doing something wrong. Do you have a screenshot for a better description?
Could you post your sanitized config here?
ASKER
What is sanitized?
Usually, when you set up remote clients, you need a nonat to allow traffic:
access-list 101 permit ip 10.99.99.0 255.255.255.0 192.168.1.0 255.255.255.0
ip local pool bigpool 192.168.1.1-192.168.1.254
nat (inside) 0 access-list 101
The above is an example to allow the ip local pool to access all of 10.99.99.0. There's nothing stopping you from drilling this ACL down to only the servers you want the clients to access.
i.e.
access-list 101 permit ip host 10.99.99.10 192.168.1.0 255.255.255.0
access-list 101 permit ip host 10.99.99.11 192.168.1.0 255.255.255.0
access-list 101 permit ip host 10.99.99.12 192.168.1.0 255.255.255.0
ip local pool bigpool 192.168.1.1-192.168.1.254
nat (inside) 0 access-list 101
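To compare the two ACL variants in the answer above, here is an added example (not part of the original post) that parses the quoted `access-list` lines and evaluates which inside-host/VPN-client pairs each variant matches. The function names are hypothetical, and the script models only first-match ACL evaluation with an implicit deny for the plain `ip` form shown in the post, not the firewall's NAT processing.

```python
import ipaddress

# Constructed input: the two ACL variants quoted in the answer above.
BROAD = "access-list 101 permit ip 10.99.99.0 255.255.255.0 192.168.1.0 255.255.255.0"
NARROW = """\
access-list 101 permit ip host 10.99.99.10 192.168.1.0 255.255.255.0
access-list 101 permit ip host 10.99.99.11 192.168.1.0 255.255.255.0
access-list 101 permit ip host 10.99.99.12 192.168.1.0 255.255.255.0
"""

def _take_network(tokens):
    """Consume 'host A', 'any', or 'A MASK' and return an IPv4Network."""
    first = tokens.pop(0)
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}")

def parse_acl(text):
    """Parse 'access-list ID permit|deny ip SRC DST' lines into rules."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
            continue  # only the plain 'ip' form used in the post is handled
        action, rest = tokens[2], tokens[4:]
        src = _take_network(rest)  # inside (server) side
        dst = _take_network(rest)  # VPN client pool side
        rules.append((action, src, dst))
    return rules

def matches(rules, inside_ip, client_ip):
    """First-match evaluation; no match means implicit deny (False)."""
    src, dst = ipaddress.ip_address(inside_ip), ipaddress.ip_address(client_ip)
    for action, src_net, dst_net in rules:
        if src in src_net and dst in dst_net:
            return action == "permit"
    return False

def exposed_hosts(rules):
    """Sum of inside addresses covered by permit entries (overlaps not merged)."""
    return sum(s.num_addresses for a, s, _ in rules if a == "permit")
```

Running `exposed_hosts` on both variants shows how much of the inside network each ACL covers, which is a quick review check before applying a change like this.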