We have a site-to-site VPN tunnel set up and functioning properly from our office to the datacenter. However, the datacenter machines are also able to establish connections such as RDP and UNC paths to our office desktops.
I want to restrict the traffic to one way only. I want to be able to allow all traffic from the office towards the datacenter but block vice versa. When I try it with an ACL, I also block office to the datacenter. When I edit the cryptomap, my entire VPN tunnel disconnects. How can I set up a one-way traffic flow properly?
Firewalls on both sides are ASA 5510.