Can you restrict the IP addresses allowed to connect to PIX?? 1

ixleplix · Jan 22, 2004

I'm not sure if this is possible......

Using the Cisco VPN client 4.0: can you (on the PIX) restrict the IP's that are allowed to initiate a VPN connection?

1) A robot may not injure a human being or, through inaction, allow a human being to come to harm.

2) A robot must obey orders given it by human beings except where such orders would conflict with the First Law.

3) A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.

themut · Jan 24, 2004

How about using XAUTH instead? XAUTH (Extended Authentication) will not let you establish the tunnel unless a valid username and passord is provided by the user. Now the username/password pair could reside on a Radius server or it could reside locally on the PIX (as long as you are running 6.3.X). The link below is an excellent guideline configuring a VPN tunnel with XAUTH:

http://www.cisco.com/en/US/products...s_configuration_example09186a00800b6099.shtml

ixleplix · Jan 26, 2004

Thanks for the great info.

1) A robot may not injure a human being or, through inaction, allow a human being to come to harm.

2) A robot must obey orders given it by human beings except where such orders would conflict with the First Law.

3) A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Can you restrict the IP addresses allowed to connect to PIX?? 1

ixleplix

MIS

themut

Technical User

ixleplix

MIS

Similar threads

Part and Inventory Search

Sponsor