Restrict Network for VPN user

[gd415]

I need help with my VPN setup for providing video streamming to certian dial-up and VPN user. My company are trying to restricting some remote users to certain area of our internal network and was wondering what would be the best way.
Our remote users connect into our network through dial in (Cisco AS5300) and VPN (3030 concentrator). The user is then authenticated and authorized by a Cisco ACS AAA server.
Is there any ways we can restrict users base on their account or some other identities to certain area of our internal network? Has anyone set-up this scenario before or have any advice?

Dan

 

[peterve]

put a firewall between the VPN box and your internal network. That is generally a best practise, and will allow you to restrict what the user can and can't do on the network. --------------------------------------------------------------------

http://kickme.to/dpsecurity

--------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------

 

[charcarson]

What VPN client are you using and what VPN technology (PPTP, L2TP, IPSEC)?

IPSEC with the Cisco VPN Client will allow you to set up access rules based on the group that you are using.