I have an ASA 5505. I will be setting up a site to site tonight with a company we are going to support. All I need to be able to do is RD into the servers. However, I do not want them to have access to our network. If I remember right, all I should have to do is set the VPN to one way. Is this correct? Will this cause any issues with transferring data or RD to the servers on the other side? Do I need to do anything with ACLs?
I read through the doc and am a little confused. Isn't there an option when you set up the VPN through the GUI to set up a one way? If not, can you explain a little more about how to do the filter? Instead of using access-list 103, can you use access-list company name?
This site to site is being set up from external to external with the 2 interior protected LANs. There is no NAT. I set up the protected network on our side to one single computer. So the protected LAN on our side was the one server, and on their side I set up a grouping of 3 internal networks (turns out that they needed access to ports on one of my servers). I am still trying to figure out how to set up just a one-way connection through the GUI. It has been a while for me on ASAs, so be gentle; I am trying to remember all this. How do I set it up through NAT/PAT? I use the GUI to set up the L2L.