cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
550
Views
0
Helpful
2
Replies

controlling VPN traffic with ACLs? on ASA 8.4

Leon Khanan
Level 1
Level 1

siteA 10.10.10.1/24 ----s2s----- siteB 12.10.10.1/24

how do i control an incomming traffic from a remote site (ipsec site to site) as in how to block certain services/ip addresses ad so on ?  

i tried to track to see what is the interface the encrypted traffic comes to in order to filter it .... but i dont see any matches on the outside in.

on which interface do i apply the access list ?

1 Accepted Solution

Accepted Solutions

ajay chauhan
Level 7
Level 7

Basically you can do two things -

1) VPN filter

2) block at source

lets say you want to block port 80 from site A- Then apply acl on inside interface in direction . or use vpn filter at site B.

Thanks

Ajay

View solution in original post

2 Replies 2

ajay chauhan
Level 7
Level 7

Basically you can do two things -

1) VPN filter

2) block at source

lets say you want to block port 80 from site A- Then apply acl on inside interface in direction . or use vpn filter at site B.

Thanks

Ajay

Thanks Ajay

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: