Kings, ASA Web ACLs apply to the clientless and thin-client (PF) SSL VPNs. The "tcp" option allows you to use the standard ACL syntax specyfing the IP address and the port number. Note, however, that the IP address is the destination host/network in that case.
Regards, -- Piotr Kaluzny CCIE #25665 (Security), CCSP, CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com On Thu, Feb 18, 2010 at 5:31 PM, Kingsley Charles < [email protected]> wrote: > Hi all > > With the ASA webvpn filter, can we block L3 packets as we do for VPN > filter? I am able to block urls with the "url" option but with tcp, I am not > able to block pings or telnet that comes in the SVC tunnel.. > Does webfilter apply to SVC also? When do we use tcp option? > > > asa (config)# access-list web webtype deny ? > configure mode commands/options: > tcp Specify generic IP address and network based filtering for WebVPN > url Specify a URL to be used for filtering with WebVPN > > > > > > > With regards > Kings > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
