Could anyone help me with the following issue?
I want to filter traffic between two EzVPN (IOS) clients. The hub is an ASA running 8.04 code.
client1 is allowed to access the local networks of client2, but client2 is not allowed to access client1's local subnet. Both clients are allowed to access the inside network of the ASA.
Both client networks are known to the ASA by means of RRI.
I read that in a vpn-filter ACL the source part is used for the remote network and the destination part for the local network.
I was thinking of using the vpn-filter feature and linking it to the user1 and user2 accounts. Something like this:
username user1 password pwd1
username user1 attributes
username user2 password pwd1
username user2 attributes
access-list acl1 extended permit ip any any
access-list acl2 extended permit ip subnet1 mask1 inside_net inside_mask
Unfortunately this is not working... why? Any ideas how to fix this?