Our VPN users use VPN clients to connect to our network (ASA) and Windows IAS to allow the user access beyond that point.
I have a question .. Is there a way to control what network addresses/ ranges can be accessed by the users by way of administration through the ASA? or is this something that cant be done?
The goal is to prevent users from trying to telnet, ssh, etc to other routers/devices in the network once inside..
any recommendations are appreciated..