12-13-2011 03:28 AM - edited 03-11-2019 03:01 PM
Hi
We have a Cisco ASA 5510 at our main office that makes connection with a 5505 at our other office using site to site VPN. (works)
Now for the question:
We want to access our other office from the main office, but we don't want them to have access to our servers etc.
So basically we want to control them, but they shouldn't have the rights to control us.
Is this possible with a site-to-site VPN? And how do we do it?
thanks already
12-13-2011 03:34 AM
You just need to configure an access list on the inside interface that either permits or denies traffic from the remote subnet.
Sent from Cisco Technical Support iPad App
12-13-2011 03:44 AM
I have already tried that, but then I wasn't able to connect to them from the main office. I'm going to try it again; I'll let you know if it worked. Thanks for the reply.
12-13-2011 03:45 AM
Hi,
Create an ACL in your office to deny traffic from your branch to your office.
Also create an ACL in your branch office to permit traffic from your office to your branch.
Also bind this ACL to the outside interface of the ASA.
Hope this helps.
Thanks
12-13-2011 03:53 AM
You can use VPN-filter, which is basically an ACL controlling traffic on the VPN tunnel.
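A sketch of the vpn-filter approach on the main-office ASA, added here as an example and not taken from any poster's configuration. The subnets (192.168.1.0/24 main office, 192.168.2.0/24 branch), the peer address 203.0.113.2, the names VPN-FILTER and BRANCH-GP, and the choice of RDP (TCP 3389) as the permitted service are all assumptions.

```cisco
! Added example, not from the thread. All addresses and names are constructed.
! Main office LAN : 192.168.1.0/24
! Branch LAN      : 192.168.2.0/24
! Branch ASA peer : 203.0.113.2 (the existing site-to-site tunnel-group)
!
! By default (sysopt connection permit-vpn) decrypted tunnel traffic
! bypasses the interface ACLs, so the restriction is applied with a
! vpn-filter on the group policy used by the tunnel.
!
! vpn-filter ACL syntax: the REMOTE network is always written first and
! the LOCAL network second, whichever side opens the connection.
! Placing the port on the remote side lets main-office hosts open RDP
! sessions to branch hosts (TCP 3389) and receive the replies.
access-list VPN-FILTER extended permit tcp 192.168.2.0 255.255.255.0 eq 3389 192.168.1.0 255.255.255.0
!
! Everything else between the two sites is dropped, including sessions
! the branch tries to open towards main-office servers. The implicit
! deny already does this; the explicit line gives hit counts.
access-list VPN-FILTER extended deny ip any any
!
! Attach the filter to a group policy and the policy to the tunnel.
group-policy BRANCH-GP internal
group-policy BRANCH-GP attributes
 vpn-filter value VPN-FILTER
!
tunnel-group 203.0.113.2 general-attributes
 default-group-policy BRANCH-GP
!
! Caveat: the permit line matches on the branch SOURCE port, so a branch
! host that deliberately sources traffic from TCP 3389 can still reach
! main-office ports. Keep permitted services narrow and do not treat
! the filter as the only control in front of sensitive servers.
!
! The filter is applied when the tunnel is negotiated: an existing
! tunnel must be re-established before a new or changed filter applies.
```

Verify with `show access-list VPN-FILTER`: the permit line should count hits for sessions opened from the main office, and the deny line should count hits when a branch host tries to connect inward.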
12-13-2011 04:58 AM
OK, I got it working now. I can RDP to them but they can't RDP to us, so that's good. Thanks a lot!
12-13-2011 05:14 AM
Glad to help.
12-13-2011 05:20 AM
Thanks
Kind regards,
Jan Heskes
Director
Bastion ICT