How to define client VPN routes with MX250

Solved
NetC
Conversationalist

How to define client VPN routes with MX250

We have users who should have different permissions. You could divide the users into different groups.

 

Administrators should be able to access everything.
A group may access certain servers.
Another group can only access certain ports of servers on all Site2Site VPN (AutoVPN).

 

The authorization for the ClientVPN takes place with RADIUS on the ActiveDirectory server https://documentation.meraki.com/MX/Client_VPN/Configuring_RADIUS_Authentication_with_Client_VPN. But according to the instructions I don't get any routing to a network from the client at all and I don't want to change any default route on the client. I can't set the routing to all known networks anywhere.

I  try to use Windows 11.

 

Regards, Ronny

1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal

The best option if you intend to limit access is to use Anyconnect and configure group policies with Filter-ID.

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Group_Policies_with_RA...

 

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Server_Settings

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

1 Reply 1
alemabrahao
Kind of a big deal
Kind of a big deal

The best option if you intend to limit access is to use Anyconnect and configure group policies with Filter-ID.

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Group_Policies_with_RA...

 

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Server_Settings

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels