Trying to find a way to create a site-to-site tunnel using something more similar to an ACL on ASA. For example, we have a remote appliance that needs to have a site-to-site to main network using 10.0.0.0/8 as destination (or would have to list out 100+ /16s). Same remote site needs to be able to create site-to-site tunnels to more specific other locations also in 10.0.0.0 (example 10.50.10.0/24). In ASA we could build an ACL to deny the few remote sites and then permit the /8 in the L2L match statement for corporate tunnel. Firepower won't allow creation of overlapping. Any workaround for this short of having to break out all the subnets?
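An added example, not part of the original post: the ASA "deny the specific sites, then permit the /8" logic can be expressed as a short list of non-overlapping prefixes, which is far smaller than 100+ /16s. This sketch uses Python's standard `ipaddress` module; the function name `carve` and the second remote-site prefix (10.60.20.0/24) are constructed for illustration.

```python
import ipaddress


def carve(supernet, excluded):
    """Return the smallest list of prefixes covering `supernet` minus `excluded`.

    Mirrors a deny-then-permit ACL: each excluded prefix is cut out of
    whichever remaining block contains it, leaving non-overlapping networks.
    """
    remaining = [ipaddress.ip_network(supernet)]
    for ex in map(ipaddress.ip_network, excluded):
        next_remaining = []
        for net in remaining:
            if net.subnet_of(ex):
                # Block is fully covered by the exclusion: drop it.
                continue
            if ex.subnet_of(net):
                # Split the block around the exclusion (one sibling per bit).
                next_remaining.extend(net.address_exclude(ex))
            else:
                # Unrelated block: keep unchanged.
                next_remaining.append(net)
        remaining = next_remaining
    return sorted(ipaddress.collapse_addresses(remaining))


def overlaps_any(networks, excluded):
    """True if any resulting prefix still overlaps an excluded prefix."""
    ex_nets = [ipaddress.ip_network(e) for e in excluded]
    return any(n.overlaps(e) for n in networks for e in ex_nets)


if __name__ == "__main__":
    # 10.50.10.0/24 is from the post; 10.60.20.0/24 is a constructed second site.
    sites = ["10.50.10.0/24", "10.60.20.0/24"]
    corporate = carve("10.0.0.0/8", sites)
    print(f"{len(corporate)} prefixes for the corporate tunnel:")
    for net in corporate:
        print(" ", net)
    print("overlap with site tunnels:", overlaps_any(corporate, sites))
```

Each additional excluded /24 adds only a handful of prefixes, so the corporate tunnel's protected-network list stays manageable.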