A little ASA task with deep meaning :)
I am often asked very similar questions and I decided to arrange them in the form of a puzzle. It is not difficult, but you need to know how to do it. After breaking the head, if you suddenly decide, I will certainly tell you!
So, the problem:
See the picture:
')
Let there is an ASA with OS version 8.0 (4) as an IPSec VPN concentrator. Clients connect to it. (As an option, it can be both computers and small hardware that work as clients).
Objective: to allow connecting to the ASA only from trust networks (option: deny connecting from non-trust networks). For clients from untrusted networks, no connection should occur at all.
Example of application: your VPN hub is being dumped with DoS from China from the network 218.192.0.0/16. It is necessary to prohibit attempts to connect computers from this network.
Dare!
So, the problem:
See the picture:
')
Let there is an ASA with OS version 8.0 (4) as an IPSec VPN concentrator. Clients connect to it. (As an option, it can be both computers and small hardware that work as clients).
Objective: to allow connecting to the ASA only from trust networks (option: deny connecting from non-trust networks). For clients from untrusted networks, no connection should occur at all.
Example of application: your VPN hub is being dumped with DoS from China from the network 218.192.0.0/16. It is necessary to prohibit attempts to connect computers from this network.
Dare!
Source: https://habr.com/ru/post/61682/
All Articles