Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Site-to-site VPN won't work with very specific ACLs

Can anyone explain why I have no problems with a VPN using this ACL:

permit ip 172.18.85.0 0.0.0.255 10.11.0.0 0.0.0.255

but this one:

permit ip 172.18.85.0 0.0.0.255 10.11.0.0 0.0.7.255 doesn't work?

I am only narrowing down the number of networks on the 10.11. side.

2 REPLIES

Re: Site-to-site VPN won't work with very specific ACLs

Community Member

Re: Site-to-site VPN won't work with very specific ACLs

Part of the problem is that one endpoint is Microsoft ISA which has very limited VPN abilities. It won't let me match ACLs exactly.

207
Views
5
Helpful
2
Replies
CreatePlease to create content