The Scenario: I have a host "somewhere" bound to a vpn tunnel and I want to give access to an inside host. Is it sufficient to have a crypto access-list that defines the traffic from "somewhere" to me and a "static" entry or do I have to apply access-list to the outside interface itself, containing the expected traffic?
Best regards
Sebastian Koerner