Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Which networks are sent to the EZvpn Headend ?

Does anyone know which networks are selected by the harware client to be sent to the vpn headend device?  Are the networks select from the static routes? or from the routes on the routing table (received via a routing protocol?)? is there a way to influence this decision?

thanks!

Diogo

Everyone's tags (3)
5 REPLIES
Cisco Employee

Re: Which networks are sent to the EZvpn Headend ?

Hi Diogo,

That decision is made by the ACL pushing down from EZVPN server.

HTH,

Lei Tian

New Member

Re: Which networks are sent to the EZvpn Headend ?

I'm talking abotu an ezvpn setup where the headend has a dynamic crypto-map configured.  Much like the one show here :

http://www.cisco.com/en/US/docs/routers/access/1800/1841/software/configuration/guide/ezvpn.pdf

Diogo

Cisco Employee

Re: Which networks are sent to the EZvpn Headend ?

Hi Diogo,

We are talking about the same thing. Search 'acl SPLIT_T' in the document you were looking for. This is the ACL used to control what traffic will be sent to headend.

HTH,

Lei Tian

New Member

Re: Which networks are sent to the EZvpn Headend ?

OK,  you're right.  But what if I don't want to use split tunnel? Or do I must?

Diogo

Cisco Employee

Re: Which networks are sent to the EZvpn Headend ?

Hi Diogo,

That's how EZVPN works. Everything is controlled from server side. If you want more control from the client, run site to site vpn or gre + ipsec.

HTH,

Lei Tian

313
Views
0
Helpful
5
Replies
CreatePlease to create content