Site-to-Site IPsec VPN & Outside ACL

Unanswered Question
Mar 25th, 2010

Order of operation qtn.

When ipsec is terminated on an ISR for site-to-site vpn, is the acl bound to the outside interface invoked before crypto acl or after?

thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Thu, 03/25/2010 - 11:53

The crypto ACL is not associated with the outside interface, so the ACL on the interface is filters first.

Actions

This Discussion