Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

access-list in VPN

Hi

I want all data when pass through router are encrypt. for this i can put only access-list 0.0.0.0 host 0.0.0.0

it is right or wrong ?.

Thanks

Biplob

2 REPLIES

Re: access-list in VPN

Hi

Its not suggested to encrypt all the data which can hog your hardware resources like CPU & Memory.

Better try to encrypt the interesting traffic which can be your business critical application and have an impact on your business.

By encrypting the whole traffic you will end up in encrypting the internet traffic as well as other unecessary traffic which requires no encryption strength at all given to it.

regds

Silver

Re: access-list in VPN

Yes it is not good to encrypt all the traffic. If you still want to do it, make sure your crypto ACL will deny all traffic from the IPsec source to the IPsec peer

126
Views
0
Helpful
2
Replies