I have an ASA with several LAN-to-LAN VPNs and I have enabled "sysopt connection permit-vpn" but I would like to filter the incoming traffic in one VPN to deny some ports and allow the rest.
The problem is that, since I have other VPNs and I have enabled "sysopt connection permit-vpn", if I disable it I will lose connectivity for the rest of the VPNs.
Is there any way to filter only the traffic that arrives through a specific LAN-to-LAN VPN?
Yes, use the vpn-filter command.
Please rate helpful posts.
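
A configuration sketch of the vpn-filter approach, added here as an example and not part of the original posts. The peer address, subnets, ports, ACL name and group-policy name are all placeholder assumptions; "sysopt connection permit-vpn" stays enabled, so the other tunnels are unaffected.

```cisco
! Assumed values (placeholders, not from the thread):
!   remote peer        203.0.113.10
!   remote LAN         10.2.2.0/24
!   local LAN          10.1.1.0/24
!   ports to block     tcp/445 and tcp/3389 on local hosts

! In a vpn-filter ACL the REMOTE network is always written in the source
! position and the LOCAL network in the destination position, so a port
! on a local host goes after the destination.
access-list L2L-PEER-FILTER extended deny tcp 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0 eq 445
access-list L2L-PEER-FILTER extended deny tcp 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0 eq 3389
! Allow the rest of the traffic between the two LANs.
access-list L2L-PEER-FILTER extended permit ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0

! Dedicated group policy so the filter applies to this tunnel only.
group-policy L2L-PEER-GP internal
group-policy L2L-PEER-GP attributes
 vpn-filter value L2L-PEER-FILTER

! Attach the group policy to the tunnel group of the one peer to filter.
tunnel-group 203.0.113.10 general-attributes
 default-group-policy L2L-PEER-GP

! The filter is applied when the session is established, so reset the
! existing tunnel for it to take effect.
vpn-sessiondb logoff tunnel-group 203.0.113.10 noconfirm
```

Do not reuse the same ACL in an interface access-group, and verify after the tunnel re-establishes with "show vpn-sessiondb detail l2l", which lists the filter name for the session.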