Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Filter on VPN Concentrator 3000

Hi,

I am creating VPN tunnel between ASA and Cisco VPN Concentrator 3000. I have control on VPN Concentrator.

I have allowed the IP traffic for interesting traffic on Tunnel. I am looking for ACL Filter on tunnell in inbound direction. Our network on 20.x.x.x & Client ASA netowrk is 10.x.x.x.

I am little bit confused with Concentrator. I have  allowed Inbound subnet 10.x.x.x to reach our netwoek 20.x.x.x on Port-80. Should I allow the reverse traffic towards outbound also. Please help.

4 REPLIES

Re: Filter on VPN Concentrator 3000

Hi,

Under the group you create the appropiate filter to allow only the desired traffic.

How have you set it up?

What's the result? The filter is not working?

Federico.

New Member

Re: Filter on VPN Concentrator 3000

I have allowed interesting traffic with whole IP for source and destination subnet , that is ok. This is not my concerned. So there is no problem in Tunnell configuration.

I am looking for filter like remote network 10.x.x.x can only browse our network 20.x.x.x for http request. I have applied filter on inbound direction. My concern is, should I open reverse traffic on outbound direction also?

Re: Filter on VPN Concentrator 3000

It's been a while since the last concentrator, but I remember that you should permit http on both directions.

So, you create an inbound and outbound filter to allow the web transactions between those IPs.

Have you tested the filer already?

Federico.

New Member

Re: Filter on VPN Concentrator 3000

so one acl will INBOUND  -- source 10.x.x.x, Source port- any, Destination- 20.x.x.x, Destination port- 80

OUTBOUND- source 20.x.x.x, Source port- 80, Destination- 10.x.x.x, Destination port- any

254
Views
0
Helpful
4
Replies
CreatePlease to create content