I have set up a VPN between a Cisco 877 DSL router and a Cisco Concentrator. It all works, and I (my PC, 192.168.20.10) can access 172.30.2.10 (a PC on the 877 LAN) - great.
1.) But why is it that I can remove the ACL called "inbound" from the "dialer 1" interface inbound and nothing is affected? The traffic all still works. Surely removing this should stop my accessing the remote PC on the 877.
It is as if the ACL is being bypassed.
2.) Has it got anything to do with the SAs on each side of the tunnel? "access-list 101 permit ip 172.30.2.0 0.0.0.255 any"
3.) I'm not sure if the SA, or as some call them "protected networks", which would be 172.30.2.0/24 and "any", are allowing the traffic through.