01-31-2012 12:22 AM
siteA 10.10.10.1/24 ----s2s----- siteB 12.10.10.1/24
how do i control an incomming traffic from a remote site (ipsec site to site) as in how to block certain services/ip addresses ad so on ?
i tried to track to see what is the interface the encrypted traffic comes to in order to filter it .... but i dont see any matches on the outside in.
on which interface do i apply the access list ?
Solved! Go to Solution.
01-31-2012 12:44 AM
Basically you can do two things -
1) VPN filter
2) block at source
lets say you want to block port 80 from site A- Then apply acl on inside interface in direction . or use vpn filter at site B.
Thanks
Ajay
01-31-2012 12:44 AM
Basically you can do two things -
1) VPN filter
2) block at source
lets say you want to block port 80 from site A- Then apply acl on inside interface in direction . or use vpn filter at site B.
Thanks
Ajay
02-01-2012 08:51 AM
Thanks Ajay
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: