Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN Enabled which interface?


Can someone give me some information on setting up a vpn

via PDM ver3.0

The PDM gives you the option to select the interface on

which you want it enabled ie Inside/outside.

Whats the difference between to 2.

Does setting up on the inside give you unrestricted

access to the inside and does it automatically make it

NAT excempt

If you set up on the outside interface then do you use

access-lists to restrict access.

New Member

Re: VPN Enabled which interface?

are you doing vpn site-to-site or remote access?

New Member

Re: VPN Enabled which interface?

Site to Site

New Member

Re: VPN Enabled which interface?


Try this command line config for site to site VPN


Re: VPN Enabled which interface?

regardless the type of vpn, it "always" applies on the outsite interface. the reason being the outside internet is the one connected to the internet, as well as the remote user or peer connected to.

alternatively, if there is a dmz interface that connected to wlan. then in order to configure remote vpn access for the wlan user, the crypto map should apply on the dmz interface.

New Member

Re: VPN Enabled which interface?


So when you start VPN wizard on the PDM,you select the type of VPN in this case site to site, you then have a option to select inside/outside.

Whats the difference between too.

If you select inside does this give hosts on the remote network full access to you internal network?

If you select outside, then do you need to create access list from the lower security interface outside to inside to allow access to you internal network?

Many thanks for all the replies