01-31-2012 12:22 AM
siteA 10.10.10.1/24 ----s2s----- siteB 12.10.10.1/24
how do i control an incomming traffic from a remote site (ipsec site to site) as in how to block certain services/ip addresses ad so on ?
i tried to track to see what is the interface the encrypted traffic comes to in order to filter it .... but i dont see any matches on the outside in.
on which interface do i apply the access list ?
Solved! Go to Solution.
01-31-2012 12:44 AM
Basically you can do two things -
1) VPN filter
2) block at source
lets say you want to block port 80 from site A- Then apply acl on inside interface in direction . or use vpn filter at site B.
Thanks
Ajay
01-31-2012 12:44 AM
Basically you can do two things -
1) VPN filter
2) block at source
lets say you want to block port 80 from site A- Then apply acl on inside interface in direction . or use vpn filter at site B.
Thanks
Ajay
02-01-2012 08:51 AM
Thanks Ajay
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide