I am building a lab for my company's future ASA 5506-X [9.8(2)] deployments [Replacing the 881 router] to run Easy VPN back to our campus. We will have a couple of clients in the 'Inside' bridged ports that will reach out back to our main campus. A huge security flaw with EZVPN is that any Joe can take the firewall home and connect to our remote network, so we use MAC Filtering. A problem I have seen is that I don't see how MAC filtering can be applied to the BVI. The Cisco rep I have been emailing with has not been that helpful, either.
Is there some network magicks for this? The easy solution would be to not use a BVI and use a switch, but we want to replace switches with the free ports on the 5506-X.
Thanks in advance!
No comments:
Post a Comment