Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to define client VPN routes with MX250

Solved
NetC
Conversationalist
‎Dec 29 2022 11:09 AM
‎Dec 29 2022 11:09 AM

How to define client VPN routes with MX250

We have users who should have different permissions. You could divide the users into different groups.

 

Administrators should be able to access everything.
A group may access certain servers.
Another group can only access certain ports of servers on all Site2Site VPN (AutoVPN).

 

The authorization for the ClientVPN takes place with RADIUS on the ActiveDirectory server https://documentation.meraki.com/MX/Client_VPN/Configuring_RADIUS_Authentication_with_Client_VPN. But according to the instructions I don't get any routing to a network from the client at all and I don't want to change any default route on the client. I can't set the routing to all known networks anywhere.

I  try to use Windows 11.

 

Regards, Ronny

0 Kudos
Subscribe
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
‎Dec 29 2022 12:26 PM
‎Dec 29 2022 12:26 PM

The best option if you intend to limit access is to use Anyconnect and configure group policies with Filter-ID.

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Group_Policies_with_RA...

 

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Server_Settings

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

Subscribe
1 Reply 1
alemabrahao
Kind of a big deal
Kind of a big deal
‎Dec 29 2022 12:26 PM
‎Dec 29 2022 12:26 PM

The best option if you intend to limit access is to use Anyconnect and configure group policies with Filter-ID.

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Group_Policies_with_RA...

 

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Server_Settings

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.