Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
1
Replies

IPSEC - VPN

Mubasher Sultan - 2x CCIE # 20149 (R&S | Sec)
Level 1
Level 1

‎09-27-2007 01:02 AM - edited ‎02-21-2020 03:17 PM

Hi,

I have a Site to Site VPN over the Public Network (Internet) between two Pix Firewalls.

I want to Know that we have a crypto access-list for whole network. E.g.,

1) access-list vpn permit 192.168.28.0 255.255.255.0 10.10.16.0 255.255.255.0

2) access-list vpn-nonat permit 192.168.28.0 255.255.255.0 10.10.16.0 255.255.255.0

I want to exclude some of the IP's between this subnet. How will it be possible & best practice?

Regards,

Mubasher

Labels:
0 Helpful
1 Reply 1

grahambartlett
Level 1
Level 1

‎10-04-2007 02:59 AM

What networks/hosts do you want to exclude?

0 Helpful
Customers Also Viewed These Support Documents