Adding access list for site-to-site tunnel on Cisco ASA

Feb 21st, 2008

Hi all, I have created a VPN tunnel on my ASA to another site. I know there is the option for the tunnel to bypass access lists ("sysopt"), but I want to apply an access list to the tunnels. Where do I apply this list using the GUI? Is it under the firewall tab, or the VPN tab and then ACL manager? Also, how do I apply this access list to the tunnel, or do I not do that?

acomiskey Thu, 02/21/2008 - 07:13


You can leave the sysopt in and create a vpn-filter. This is located in the group policy. The other option is to remove the sysopt and write the access in your regular interface ACLs. This would be done in Config -> Firewall -> Access Rules/Policy.
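
The two options from the reply above, sketched as ASA CLI configuration. This is an added example, not part of the original thread; the ACL and group-policy names, the peer address 192.0.2.1, and the networks 10.1.1.0/24 (local) and 10.2.2.0/24 (remote) are constructed placeholders.

```cisco
! Constructed example: all names and addresses are placeholders.
! Local LAN 10.1.1.0/24, remote LAN 10.2.2.0/24, remote peer 192.0.2.1.

! Option 1: keep "sysopt connection permit-vpn" and filter with a vpn-filter.
! In a vpn-filter ACL the remote network is always written as the source and
! the local network as the destination, whichever side opens the connection.
access-list S2S-FILTER extended permit tcp 10.2.2.0 255.255.255.0 host 10.1.1.10 eq 443
access-list S2S-FILTER extended deny ip any any

group-policy S2S-POLICY internal
group-policy S2S-POLICY attributes
 vpn-filter value S2S-FILTER

! Bind the group policy to the site-to-site tunnel.
tunnel-group 192.0.2.1 general-attributes
 default-group-policy S2S-POLICY

! Option 2: remove the bypass so decrypted traffic is checked by the
! interface ACL. This is a global setting and affects every VPN tunnel
! terminating on the ASA, so permit the required flows before relying on it.
no sysopt connection permit-vpn
access-list OUTSIDE-IN extended permit tcp 10.2.2.0 255.255.255.0 host 10.1.1.10 eq 443
access-group OUTSIDE-IN in interface outside
```

A vpn-filter is applied when the tunnel is established, so changes to it take effect only after the existing tunnel is cleared and renegotiated.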

