cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

access lists for vpn site to site

carl_townshend
Frequent Contributor
Frequent Contributor

Hi all

Quick question, if I set up an office with a asa to my head office using a site to site tunnel, and i only want users to go across the tunnel and not be allowed internet,

whats the best access rule to set up, would it just be source as remote office and destination to the remote subnets in my HQ ?

cheers

Carl

1 ACCEPTED SOLUTION

Accepted Solutions

Dan-Ciprian Cicioiu
Rising star
Rising star

Hi Carl,

Yes. Supposingly your flows that should be tunneled are initiated only from remote Office to HQ , the source Remote Office and Destination HQ.

Dan

View solution in original post

2 REPLIES 2

Dan-Ciprian Cicioiu
Rising star
Rising star

Hi Carl,

Yes. Supposingly your flows that should be tunneled are initiated only from remote Office to HQ , the source Remote Office and Destination HQ.

Dan

I gather I will need to de-tick the box so the traffic going over the vpn doesnt bypass the access lists ?

or will i need to create a vpn filter ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: