Route Based L2L VPN tunnel between Cisco ASA and Azure Cloud

ravindra962
Level 1
Hello Guys

 

I am trying to build a route-based L2L VPN tunnel between my Cisco ASA running 9.8 code and Azure Cloud.

I have a basic idea of the configuration of the route-based VPN tunnel, but I would like to know: is it possible to configure ACLs in this route-based VPN tunnel to restrict traffic that traverses the tunnel? If so, how do I configure it?

 

Any Help would be much appreciated.

 

Thanks

Ravi

1 Accepted Solution

Yes, route-based VPNs still use a group-policy, which is where you need to define the use of a VPN Filter.

6 Replies

Hi,

You could implement VPN Filter to restrict traffic over this VPN. Example here.

 

HTH

So the regular VPN filter that we use to configure more controlled ACLs in a policy-based VPN tunnel works for a route-based VPN tunnel too?

Yes, route-based VPNs still use a group-policy, which is where you need to define the use of a VPN Filter.

You can put a regular ACL on the tunnel-interface. That is very often easier to handle than a vpn-filter.

I am using a VTI on the Cisco end for this route-based VPN. Would I still be able to apply an outbound ACL to the VTI?

VTI is the implementation of route-based VPNs on Cisco ASA/IOS.

I never used outbound ACLs on tunnel interfaces, only inbound. But I assume it should work.
