Cisco Support Community
New Member

Filtering VPN traffic on a PIX Firewall

We want to make a VPN Tunnel between our PIX 515E and a customer VPN 3000.

We want this traffic to be restricted to SMTP traffic.

Conduits or access-lists applied to the outside interface are useless; what can we do?

2 REPLIES
Cisco Employee

Re: Filtering VPN traffic on a PIX Firewall

Create a VPN tunnel between the PIX and VPN3000 and in your IPSec match address ACL, permit the smtp traffic.

Use the following sample config as a template to build your config and change the ACL for smtp.

http://www.cisco.com/warp/customer/110/38.html

http://www.cisco.com/warp/customer/110/pix3000.html

More IPSec sample configs:

http://www.cisco.com/warp/customer/707/index.shtml#ipsec

HTH

R/Yusuf

New Member

Re: Filtering VPN traffic on a PIX Firewall

Thank you for your help. Unfortunately, the IPSec match address ACLs are usually like:

access-list 101 permit ip 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0

If I use an access-list like:

access-list 101 permit tcp 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0 eq 25

The VPN doesn't work
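
An added example, not part of either post and not taken from Cisco's sample configs: one PIX 6.x arrangement that leaves the match address ACL as `permit ip` and restricts the decrypted traffic on the outside interface instead. It assumes that `sysopt connection permit-ipsec` is currently enabled (that setting lets tunnel traffic skip interface ACLs and conduits), that 10.1.1.0/24 is the PIX-side network, and that the names `vpnmap` and `outside_in` are placeholders.

```text
! Constructed example. Networks are the ones quoted in the thread;
! "vpnmap" and "outside_in" are placeholder names.

! Match address ACL: stays protocol-agnostic. It only selects which
! traffic is encrypted and is what the two peers negotiate against.
access-list 101 permit ip 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0
crypto map vpnmap 10 match address 101

! Make decrypted tunnel traffic subject to interface ACLs again.
no sysopt connection permit-ipsec

! Filtering ACL: written from the point of view of packets arriving
! from the tunnel, so the remote network is the source.
access-list outside_in permit tcp 10.1.2.0 255.255.255.0 10.1.1.0 255.255.255.0 eq smtp
access-group outside_in in interface outside
```

If an access list is already bound to the outside interface, add the SMTP entry to that list rather than binding a new one, since an interface takes a single inbound list. Removing the sysopt setting affects every tunnel terminated on the PIX, so each one then needs its own permit entries.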
