[vpn] limiting access to specified ports on PIX firewall

Chuck Renner crenner at dynalivery.com
Wed Jun 26 17:31:21 EDT 2002


I have a PIX 506 firewall which is also providing VPN access to remote
users.  For some users, I want to limit the ports they have access to on the
internal network, in this case for them to connect to an internal web
server.

My original thought was to create a new vpngroup, with a new address pool,
then create a new access list.  I tried to create the access list like this:

access-list 102 permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0 eq 80

Where the internal network is 192.168.1.0/24, and the pool for VPN clients
is 192.168.3.0/24.  However, the PIX isn't accepting this.

Am I going about this in completely the wrong way?
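
An added example, not part of the original post: PIX access-list syntax accepts a port operator such as `eq 80` only when the protocol is `tcp` or `udp`, so the line as typed with `ip` is rejected. The sketch below reuses the post's networks; applying ACL 102 inbound on the outside interface, and disabling `sysopt connection permit-ipsec` so that decrypted VPN traffic is actually checked against it, are assumptions about this setup.

```cisco
: Rejected form (left commented out): "ip" covers every IP protocol and
: carries no port numbers, so a port operator cannot follow it.
: access-list 102 permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0 eq 80

: Accepted form: name the transport protocol, then the destination port.
: Source is the restricted VPN pool, destination is the internal network.
access-list 102 permit tcp 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0 eq 80

: Assumption: IPSec traffic currently bypasses interface access lists.
: Turning the bypass off makes decrypted packets subject to the ACL.
no sysopt connection permit-ipsec

: Assumption: VPN clients terminate on the interface named "outside".
access-group 102 in interface outside
```

Because the list ends in an implicit deny, any other VPN pools and any inbound rules already in place need their own permit lines in the same list before the bypass is turned off.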

