Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
323
Views
0
Helpful
3
Replies

vpn site to site and remote access , access lists

carl_townshend
Spotlight
Spotlight

‎02-25-2008 02:32 AM - edited ‎02-21-2020 03:34 PM

Hi all, we run remote access and site to site vpn on my asa, my question is Can I create an access list for the site to site tunnel, but still leave the remote access vpn to bypass the access list via the sysopt command, or if I turn this off will it affect both site to site and remote access vpn ?

Labels:
0 Helpful
3 Replies 3

acomiskey
Level 10
Level 10

‎02-25-2008 05:40 AM

If you turn off sysopt conn permit-vpn it will apply to both your site to site and remote access vpn...all ipsec traffic. You would have to use a vpn-filter for the site to site tunnel if you wanted to leave the sysopt in there.

0 Helpful

carl_townshend
Spotlight
Spotlight
In response to acomiskey

‎02-25-2008 06:23 AM

is this done under the group policy ?

0 Helpful

acomiskey
Level 10
Level 10
In response to carl_townshend

‎02-25-2008 06:36 AM

Yes.

group-policy attributes

vpn-filter value

0 Helpful
Customers Also Viewed These Support Documents