With Directional VPN configured for Remote Access communities, the option exists to reject connections to or from a particular network object.
Source | Destination | VPN | Service | Action |
---|---|---|---|---|
Any | Any | Remote_Access_Community => MyIntranet | Any | drop |
Any | Any | Remote_Access_Community => Any Traffic | Any | accept |
Connections are not allowed between remote users and hosts within the "MyIntranet" VPN community. Every other connection originating in the Remote Access Community, whether inside or outside of the VPN communities, is allowed.
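The result described above depends on the drop rule sitting above the broader accept rule. The following is an added example, not Check Point code or output: a simplified model of the two rules, assuming top-down first-match evaluation, that also flags a rule shadowed by an earlier, broader one. Source, Destination and Service are Any in the table, so only the VPN column is modelled; the final implicit drop, the `None` value for an endpoint outside every community and the `OtherCommunity` name are assumptions.

```python
from typing import List, NamedTuple, Optional

ANY_TRAFFIC = "Any Traffic"          # VPN-column object used in the table
RA = "Remote_Access_Community"       # community names as they appear on the page
INTRANET = "MyIntranet"


class Rule(NamedTuple):
    vpn_from: str   # left side of "=>" in the VPN column
    vpn_to: str     # right side of "=>"
    action: str     # "accept" or "drop"


def side_matches(rule_side: str, conn_side: Optional[str]) -> bool:
    # conn_side is a community name, or None for an endpoint outside all communities
    return rule_side == ANY_TRAFFIC or rule_side == conn_side


def evaluate(rules: List[Rule], src: Optional[str], dst: Optional[str]) -> str:
    """Return the action of the first rule whose direction matches the connection."""
    for rule in rules:
        if side_matches(rule.vpn_from, src) and side_matches(rule.vpn_to, dst):
            return rule.action
    return "drop"   # assumption: nothing matched, implicit cleanup drop


def covers(a: Rule, b: Rule) -> bool:
    """True if rule a matches every connection that rule b matches."""
    return (a.vpn_from in (ANY_TRAFFIC, b.vpn_from)
            and a.vpn_to in (ANY_TRAFFIC, b.vpn_to))


def shadowed(rules: List[Rule]) -> List[int]:
    """Indexes of rules that never take effect because an earlier rule with a
    different action already covers all of their traffic."""
    return [j for j, later in enumerate(rules)
            if any(covers(earlier, later) and earlier.action != later.action
                   for earlier in rules[:j])]


# The two rules from the table, in the order shown on the page.
PAGE_ORDER = [Rule(RA, INTRANET, "drop"), Rule(RA, ANY_TRAFFIC, "accept")]
# Constructed misconfiguration: same rules, order reversed.
SWAPPED = list(reversed(PAGE_ORDER))

if __name__ == "__main__":
    print(evaluate(PAGE_ORDER, RA, INTRANET), shadowed(PAGE_ORDER))
    print(evaluate(SWAPPED, RA, INTRANET), shadowed(SWAPPED))
```

With the rules reversed, the model returns accept for remote users reaching MyIntranet and reports the drop rule as shadowed, which is the condition to look for when reviewing a rulebase that uses this pattern.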
User groups can be placed in the destination column of a rule. This makes:
Source | Destination | VPN | Service | Action |
---|---|---|---|---|
Any | Remote_Users@Any | Any Traffic => Remote_Access_Community | Any | accept |
To include user groups in the destination column of a rule:
To configure Directional VPN with Remote Access communities:
The VPN Match Conditions window opens.
The Directional VPN Match Conditions window opens.