How can I allow the access of only certain PCs in the site, which can access at the CE,to send traffic to the PE ?
Example, Here we have the prefixes p2 p4 and p5 at site2. p2 is both in VPN v1 and v2. p4 is only in VPN v1. p5 is not part of anything.
How can I configure a cisco CE (in this case the CE2) to discipline the access to the PE ? How can I say "p2 can talk with p1 and p3" and " p4 can talk only with p1 at site 1" and " p5 cannot communicate with anyone ?" How can CE2 discriminate the access at PE just looking at the prefix who made the request ? I need the esact Cisco configuration for This Network !!! thank you !!
so at the CE nothing can be done to deny the access from prefix p5 to talk in any vpns, and from p4 to say that it should only talk in the VPN v1 and NOT in the vpn v2 ?
Could you write me the esact configuration of CE( which should run OSPF only ? or BGP?) and of the PE looking at this picture ?? how can I Write this configuration esactly step by step in Cisco language??
I think I have helped you so far in order for you to be able to do it by yourself.
Sorry man but we are a community that supports clients and people trying to learn. We or at least I do not provide configuration from scratch or like that, I do that for my customers hehe
You already have the tools and information to make it happen,
Now is your turn to work on this,
By the way, remember to rate the helpful posts . For us that's a thanks as we do this for free.
Julio Carvajal Senior Network Security and Core Specialist CCIE #42930, 2xCCNP, JNCIP-SEC
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :