SBNservices
IS-IT--Management
Here is our desired scenario:
2 different groups connect to office via VPN. Group 1 has full access to the network. Group 2 would only access a specific machine/IP address.
How can we define which IPs EACH group can access? I know we can define an IPSec rule under which IPs can be accessed, but I do not know how we can define this for certain user/group.
We would use the MS PPTP client or the Cisco client, although the preference is for PPTP (Not our decision).
Basically the owner and upper management get full access, where some remote/home users would access just one specific machine that data would be synched from the main file server, but they would not be able to access the main servers.
Lastly, this would be done on either a PIX 520 or 515.
Can this be defined in the PIX successfully?
2 different groups connect to office via VPN. Group 1 has full access to the network. Group 2 would only access a specific machine/IP address.
How can we define which IPs EACH group can access? I know we can define an IPSec rule under which IPs can be accessed, but I do not know how we can define this for certain user/group.
We would use the MS PPTP client or the Cisco client, although the preference is for PPTP (Not our decision).
Basically the owner and upper management get full access, where some remote/home users would access just one specific machine that data would be synched from the main file server, but they would not be able to access the main servers.
Lastly, this would be done on either a PIX 520 or 515.
Can this be defined in the PIX successfully?