Hi All
I have got an ASA on the main site connected to a few ASAs on the remote sites through VPN. On the remote site ASAs there are dynamic ACLs created which cannot be seen in the configuration.
But when I issue the command "show access-list", they can be seen. I don't know why they have been created. It shows as below:
access-list AO_temp_vpn.hosted10; 1 elements; name hash: 0xa6a80175 (dynamic)
access-list AO_temp_vpn.hosted10 line 1 extended permit ip host 10.222.1.9 host 172.16.1.217 (hitcnt=20183) 0x3ced7956
There is no ACL created with the name AO_temp_vpn.hosted10. However, the IP addresses shown in the ACL are the endpoints of the VPN. On one of the remote site ASAs, I am trying to SSH to the outside interface, but I am unable to connect, and every time I try to connect I see the hit count on the above ACL.
Does anyone know why the ACL was automatically created? Secondly, why is SSH traffic hitting the ACL when it is not matching the interesting VPN traffic?
The ASAs are running code 8.6(1)12
Thanks in advance
Ibrahim