We have a partner company that we will be doing some network monitoring for. For connectivity, we have configured an L2L IPsec VPN between our ASA 5520 and their ASA 5510, which works fine. I want to restrict the tunnel such that only return traffic from the partner network comes back to us. Is there any way to accomplish this?
I'll expand on this since no one's responded yet. The IPsec tunnel is up and working fine. What is being asked of me is to configure it to behave like a NAT firewall - that is, we will be able to hit them, but only our return traffic will be allowed back in. I've played with the filters a bit, which sort of works, but still does not do what we want.