Meraki

Community

Client VPN user restrict access to one single IP.

Solved
tantony
Head in the Cloud
‎Nov 8 2019 10:42 AM
‎Nov 8 2019 10:42 AM

Client VPN user restrict access to one single IP.

I need to give remote access to another company user.  I'm using Meraki cloud authentication for VPN, and I created an account for this remote user.

 

I only want this user to have access to one specific ip address when they login.  How can I do that?

 

Basically I only want them to give remote access to 172.16.5.125

0 Kudos
1 Accepted Solution
Nash
Kind of a big deal
‎Nov 8 2019 11:28 AM
‎Nov 8 2019 11:28 AM

Do you have other users of your client VPN? Do they need access to other devices?

 

You can have one set of rules that applies to your client VPN. You can't make decisions, via the firewall, regarding access provided to individual users. Unfortunately.

Windows 10 Client VPN scripts: Makes life better!

View solution in original post

5 Replies 5
tantony
Head in the Cloud
‎Nov 8 2019 10:57 AM
‎Nov 8 2019 10:57 AM

Basically, what this person is asking, just to be clear.

 

 

https://community.spiceworks.com/topic/1349679-restricting-individual-meraki-mx-client-vpn-users-to-...

0 Kudos
Nash
Kind of a big deal
‎Nov 8 2019 11:28 AM
‎Nov 8 2019 11:28 AM

Do you have other users of your client VPN? Do they need access to other devices?

 

You can have one set of rules that applies to your client VPN. You can't make decisions, via the firewall, regarding access provided to individual users. Unfortunately.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
tantony
Head in the Cloud
‎Nov 8 2019 11:49 AM
‎Nov 8 2019 11:49 AM

@Nash 

Do you have other users of your client VPN? Do they need access to other devices?

I have other users (company users who need access), I setup a different vpn account for this "outside" user, this user I only want to be able one specific IP.

 

You can have one set of rules that applies to your client VPN. You can't make decisions, via the firewall, regarding access provided to individual users. Unfortunately.

I guess its not possible then because if I make change in client VPN, it will affect the company users + "outside" user

0 Kudos
In response to tantony
tantony
Head in the Cloud
‎Nov 8 2019 12:15 PM
‎Nov 8 2019 12:15 PM

Any other creative way I could do this?  Other way is to may be do port forwarding using port 3389, but I don't really want to do this.  

0 Kudos
In response to Nash
SmokeyMountnMan
Just browsing
‎Aug 16 2023 4:28 AM
‎Aug 16 2023 4:28 AM

Hi Nash, I have the same scenario and am using the MX85, with Azure AD auth via SAML and the Cisco AnyConnect client. My need is to only allow one user access to a specific IP on the lan through VPN while the other users are not impacted by the restrictions. My systems are up to date, and I wanted to see if the technology has advanced since this post to allow these types of configurations.

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.