Client VPN user restrict access to one single IP.

SOLVED
tantony
Head in the Cloud

Client VPN user restrict access to one single IP.

I need to give remote access to another company user.  I'm using Meraki cloud authentication for VPN, and I created an account for this remote user.

 

I only want this user to have access to one specific ip address when they login.  How can I do that?

 

Basically I only want them to give remote access to 172.16.5.125

1 ACCEPTED SOLUTION
Nash
Kind of a big deal

Do you have other users of your client VPN? Do they need access to other devices?

 

You can have one set of rules that applies to your client VPN. You can't make decisions, via the firewall, regarding access provided to individual users. Unfortunately.

View solution in original post

5 REPLIES 5
tantony
Head in the Cloud

Nash
Kind of a big deal

Do you have other users of your client VPN? Do they need access to other devices?

 

You can have one set of rules that applies to your client VPN. You can't make decisions, via the firewall, regarding access provided to individual users. Unfortunately.

tantony
Head in the Cloud

@Nash 

Do you have other users of your client VPN? Do they need access to other devices?

I have other users (company users who need access), I setup a different vpn account for this "outside" user, this user I only want to be able one specific IP.

 

You can have one set of rules that applies to your client VPN. You can't make decisions, via the firewall, regarding access provided to individual users. Unfortunately.

I guess its not possible then because if I make change in client VPN, it will affect the company users + "outside" user

tantony
Head in the Cloud

Any other creative way I could do this?  Other way is to may be do port forwarding using port 3389, but I don't really want to do this.  

Hi Nash, I have the same scenario and am using the MX85, with Azure AD auth via SAML and the Cisco AnyConnect client. My need is to only allow one user access to a specific IP on the lan through VPN while the other users are not impacted by the restrictions. My systems are up to date, and I wanted to see if the technology has advanced since this post to allow these types of configurations.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels