cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1435
Views
0
Helpful
0
Replies

limit access to cisco asa ipsec interface

Hi All,

 

I want to limit access to cisco asa ipsec interface from internet? How this works? using control-plane access list?

 

Is this correct way to do this:

 

access-list vpn_control extended permit esp object-group vpn-peer-ips interface GE7
access-list vpn_control extended permit ah object-group vpn-peer-ips interface GE7

and

access-group vpn_control in interface GE7 control-plane

 

Just want to remove ipsec interface from other ips that are not in vpn-peer-ips group

br,

Eero

 

 

 

 

0 Replies 0

Review Cisco Networking for a $25 gift card