Re: Vpn filter in route based ipsec l2l tunnel

megumi35 · ‎10-08-2023

Hello folks, Just wanted to know that can we configure vpn-filter in route base ipsec tunnel in cisco asa. I know its working in policy based but does it work similar way in route base vpn ? Anyone tested it ?

https://19216801.onl/ https://routerlogin.uno/

balaji.bandi · ‎10-08-2023

check below use case : (hope this help you )

https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/214230-configure-policy-based-and-route-based-v.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

M02@rt37 · ‎10-08-2023

Hello @megumi35,

Wiith a route-based VPN, you can achieve similar traffic filtering and control by employing ACLs to match the desired traffic. These ACLs are then used in the configuration to control what traffic is allowed to traverse the VPN tunnel.

Define ACL:

access-list VPN_TRAFFIC extended permit ip <source-network> <source-wildcard> <destination-network> <destination-wildcard>

Apply this ACL on crypto map:

crypto map VPN_MAP <seq-num> match address VPN_TRAFFIC

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

MHM Cisco World · ‎10-08-2023

Vpn-filter work for policy based vpn

But for router based VPN apply acl directly to tunnel interface. That all what you need I think.