Group Policy Filter

Unanswered Question
Sep 24th, 2008
User Badges:


We currently have a site to site VPN with a client, so our users can access their servers. I would like to provide them access to a server at our site over a given port. The tunnel group is currently using the default group policy. The config I've put together to do this is:

access-list acl_client_access permit tcp host client_server host http_server eq 80

group-policy gp_client_access internal

group-policy gp_client_access attributes

vpn-filter value acl_client_access

vpn-tunnel-protocol IPSec

tunnel-group x.x.x.x general-attributes

default-group-policy gp_client_access

having applied the above config the tunnel came down and wouldn't come back up. Coudl someone confirm whether the above config is correct for what I'm trying to achive? Also, would the customer need to make any changes to the tunnel at their end?

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Wed, 09/24/2008 - 04:27
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

try to add this line

access-list acl_client_access permit tcp host client_server eq 80 host http_server

good luck


This Discussion