Hi,

We currently have a site to site VPN with a client, so our users can access their servers. I would like to provide them access to a server at our site over a given port. The tunnel group is currently using the default group policy. The config I've put together to do this is:

access-list acl_client_access permit tcp host client_server host http_server eq 80

group-policy gp_client_access internal

group-policy gp_client_access attributes

vpn-filter value acl_client_access

vpn-tunnel-protocol IPSec

tunnel-group x.x.x.x general-attributes

default-group-policy gp_client_access

having applied the above config the tunnel came down and wouldn't come back up. Coudl someone confirm whether the above config is correct for what I'm trying to achive? Also, would the customer need to make any changes to the tunnel at their end?

Thanks in advance.