I will be running a Cisco router and ASA at the edge of my network. I want to have VPNs terminating at the ASA and authenticate to the Windows 2003 domain (certificates or just using Kerberos to the DC, suggestions welcome). Now, what I want is that if people are VPNing in from a home computer, they can then RDP to their computer in the network. Now, since it is a VPN, I should be able to block any RDP at the router using ACLs and at the ASA, right? What do I put in my router ACL to allow a VPN passthrough?
Thanks in advance.