Amin,
If you can spend some time on this new ASA feature called Identity Firewall
Access Control (IDFW), it should do what you are asking for. Its a really
cool and neat feature for access control on the ASA not just based on IP
addresses but also on usernames and/or AD groups, etc. I have tested it and
works a treat! Give it a go.
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_idfw.html
HTH,
Sadiq
On Tue, May 8, 2012 at 3:43 PM, amin <amin_at_axizo.com> wrote:
> Hi experts,
>
>
>
> How I can apply an access-list (access rule) to my VPN clients according to
> their pool address, I make it and try to apply it to the outside in, and to
> the inside out, but in both cases it didn't take effect to restrict them to
> certain applications and deny other applications to them.
>
> Is there any good way to apply such a technique that restrict the VPN
> clients just to SQL and restrict other type of access?
>
>
>
> Regards,
>
> Amin
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- CCIEx2 (R&S|Sec) #19963 Blogs and organic groups at http://www.ccie.netReceived on Tue May 08 2012 - 16:07:39 ART
This archive was generated by hypermail 2.2.0 : Sun Jun 17 2012 - 09:04:19 ART