Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Group Policy Filter

Hi,

We currently have a site to site VPN with a client, so our users can access their servers. I would like to provide them access to a server at our site over a given port. The tunnel group is currently using the default group policy. The config I've put together to do this is:

access-list acl_client_access permit tcp host client_server host http_server eq 80

group-policy gp_client_access internal

group-policy gp_client_access attributes

vpn-filter value acl_client_access

vpn-tunnel-protocol IPSec

tunnel-group x.x.x.x general-attributes

default-group-policy gp_client_access

having applied the above config the tunnel came down and wouldn't come back up. Coudl someone confirm whether the above config is correct for what I'm trying to achive? Also, would the customer need to make any changes to the tunnel at their end?

Thanks in advance.

1 REPLY

Re: Group Policy Filter

try to add this line

access-list acl_client_access permit tcp host client_server eq 80 host http_server

good luck

121
Views
0
Helpful
1
Replies
CreatePlease to create content