Restrict site-to-site traffic

Post by Guest » Thu Jan 06, 2011 1:00 pm

Hi everyone, I have a quick question, I hope: what's the best way to restrict certain protocols to pass through a site-to-site tunnel? Should I edit the ACL which is assigned to the crypto map, or should I create a new ACL and assign it to the interface? Thanks in advance, Ronald

Re:Restrict site-to-site traffic

Post by Guest » Thu Jan 06, 2011 2:05 pm

Hi, is this on a router or a firewall? If you are using a firewall you can use the vpn-filter command: http://www.cisco.com/en/US/products/hw/vpndevc ... 9a87.shtml

Re:Restrict site-to-site traffic

Post by Guest » Thu Jan 06, 2011 2:49 pm

Hi Sean, It is a 1803 ISR. Regards, Ronald

Re:Restrict site-to-site traffic

Post by Guest » Thu Jan 06, 2011 4:09 pm

Hi, editing the ACL attached to the crypto map will do the trick. Regards. Alain.
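The approach suggested in this reply, sketched as Cisco IOS configuration for both ends of the tunnel (an added example, not posted by anyone in the thread; the ACL and crypto map names, subnets and permitted services are constructed placeholders, and the rest of each crypto map entry is assumed to exist already):

```cisco
! ---- Site A router (LAN 10.1.0.0/16, constructed) ----
! Before: the crypto ACL selects all IP traffic between the sites.
!   ip access-list extended S2S-CRYPTO
!    permit ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
!
! After: only the listed protocols are selected for the tunnel.
ip access-list extended S2S-CRYPTO
 remark HTTPS and SSH from site A clients to site B servers
 permit tcp 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255 eq 443
 permit tcp 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255 eq 22
 remark ICMP for reachability tests
 permit icmp 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
!
crypto map S2S-MAP 10 ipsec-isakmp
 match address S2S-CRYPTO
!
! ---- Site B router (LAN 10.2.0.0/16, constructed) ----
! The peer's crypto ACL must be the exact mirror image, entry by
! entry: source and destination swapped, including the port position.
ip access-list extended S2S-CRYPTO
 remark Replies from HTTPS and SSH servers back to site A
 permit tcp 10.2.0.0 0.0.255.255 eq 443 10.1.0.0 0.0.255.255
 permit tcp 10.2.0.0 0.0.255.255 eq 22 10.1.0.0 0.0.255.255
 permit icmp 10.2.0.0 0.0.255.255 10.1.0.0 0.0.255.255
!
crypto map S2S-MAP 10 ipsec-isakmp
 match address S2S-CRYPTO
```

A crypto ACL only selects which traffic is encrypted: packets that no longer match it are not dropped by it, they are forwarded unencrypted according to the routing table. If that traffic must not leave the site at all, it also has to be denied by an ordinary ACL on the interface.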

Re:Restrict site-to-site traffic

Post by Guest » Thu Jan 06, 2011 5:28 pm

Hi Alain, Thanks for the info. I'm gonna try that one. Regards, Ronald
