
IPSec RAVPN: Restrict a Subnet from Connecting to the VPN

Hi Guys,

I have been gathering some helpful information for a while now to address my concern.

I found this thread and followed it, but it does show what I wanted.

 

My concern is, I want to restrict a subnet from connecting to the VPN. For example, SUBNET-A should be the only subnet that can connect to my VPN using the Endpoint VPN client. I tried in my lab what is in the link, but I can still connect to the VPN even though my endpoint does not belong to that subnet.

Is this really possible?

Thanks for the help.

3 Replies

Re: IPSec RAVPN: Restrict a Subnet from Connecting to the VPN

It is possible, but what is shown in the logs for you?


Re: IPSec RAVPN: Restrict a Subnet from Connecting to the VPN

Hi @Günther W. Albrecht, 

In my logs, I can only see "Key Install" and "Login" logs, but upon analyzing these logs, they pertain to the VPN IP, so the security rules will not take effect. Is my understanding correct?

The above image is a sample; I am connecting to my external zone (sorry, the object naming is incorrect).

How can I restrict a group of users so that only the group of 10.10.10.0/24 can connect to the VPN?

Thanks in advance.

Admin

Re: IPSec RAVPN: Restrict a Subnet from Connecting to the VPN

What, if anything, did you try from the thread you mentioned?
