My question is that how firewall route the traffic to 192 as it has no knowledge abt 192 address
you nmeed to have a static route for that remote network out of your outside interface. If you have a default-route, that's also fine.
second question is how can we do port restriction
Which device do you have? If it's an ASA then you can put an ACL into the tunnel, but that's not very comfortable for site-2-site-VPNs. You can also decide to filter the trafic the legacy way where you permit the traffic in the outside ACL.
You can also restrict the crypto-acl to your exact definition. But keep in mind that the ACL has to be mirrored on the other side and dynamic protocols like FTP won't work with that.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...