Limit access to specific IP address (hopefully by AD group)
I setup our Cisco VPN 3015 a couple of months ago, working with a
Windows 2000 Server and IAS. Currently, if you are a member of the "VPN
users group" in Active Directory, you are allowed access. This works
well for now, it's mostly used for employees in IT who do need access
But I'd like to setup a process where access is limited to an IP
address (or 2 or 3, etc.) based on AD group membership. For instance,
if you are member of the xyz user group in AD, I'd like to limit that
group to access only 10.108.1.xyz. That sort of thing. I don't need
outside vendors with access to all devices on the LAN.
Should I try to do this in AD via some RAS policy, or in the VPN 3015?
Is there a good reference document for this on the Cisco site (I didn't
really see one).
Thanks in advance.
|All times are GMT. The time now is 07:35 AM.|
Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.