One Way Tunnel Pix to Pix vpn

Unanswered Question
Nov 28th, 2007

Is there a way to only allow traffic in one direction using 2 Pix 506e's?

I would like one site to be able to initiate traffic with the other but not in the opposite direction.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
irisrios Wed, 12/05/2007 - 12:19

In order to have the VPN tunnel be initiated only from one end, configure the one end of the connection as originate-only with the originate-only keyword in the crypto map entry, and the remote end with answer-only keyword. Add the line crypto map outside_map 20 set connection-type originate-only and crypto map vpn_map 20 set connection-type answer-only respectively. Refer URL http://www.cisco.com/en/US/customer/docs/security/asa/asa72/command/reference/c5_72.html#wp2069381

Actions

This Discussion