Site-to-Site IPsec VPN & Outside ACL

Unanswered Question
Mar 25th, 2010
User Badges:
  • Silver, 250 points or more

Order of operation qtn.


When ipsec is terminated on an ISR for site-to-site vpn, is the acl bound to the outside interface invoked before crypto acl or after?


thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Thu, 03/25/2010 - 11:53
User Badges:
  • Purple, 4500 points or more

The crypto ACL is not associated with the outside interface, so the ACL on the interface is filters first.

Actions

This Discussion