One Way Tunnel Pix to Pix vpn

Unanswered Question
Nov 28th, 2007
User Badges:

Is there a way to only allow traffic in one direction using 2 Pix 506e's?

I would like one site to be able to initiate traffic with the other but not in the opposite direction.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
irisrios Wed, 12/05/2007 - 12:19
User Badges:
  • Silver, 250 points or more

In order to have the VPN tunnel be initiated only from one end, configure the one end of the connection as originate-only with the originate-only keyword in the crypto map entry, and the remote end with answer-only keyword. Add the line crypto map outside_map 20 set connection-type originate-only and crypto map vpn_map 20 set connection-type answer-only respectively. Refer URL


This Discussion