What type of VPN platform? If you are terminating VPN on the ASA, the
outside ACL will not apply to the VPN traffic by default, as
everything is allowed by default per "sysopt connection permit-vpn" .
If that is the case, you can filter at the ASA by adding a vpn-filter
ACL tied to the group-policy.
On Tue, May 8, 2012 at 10:43 AM, amin <amin_at_axizo.com> wrote:
> Hi experts,
>
>
>
> How I can apply an access-list (access rule) to my VPN clients according to
> their pool address, I make it and try to apply it to the outside in, and to
> the inside out, but in both cases it didn't take effect to restrict them to
> certain applications and deny other applications to them.
>
> Is there any good way to apply such a technique that restrict the VPN
> clients just to SQL and restrict other type of access?
>
>
>
> Regards,
>
> Amin
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
-- Regards, Joe Astorino CCIE #24347 http://astorinonetworks.com "He not busy being born is busy dying" - Dylan Blogs and organic groups at http://www.ccie.netReceived on Tue May 08 2012 - 11:10:49 ART
This archive was generated by hypermail 2.2.0 : Sun Jun 17 2012 - 09:04:19 ART