02-24-2014 03:23 AM - edited 03-04-2019 10:25 PM
Guys,
I have two WAN connections; on both I have two IPsec VPNs. For one VPN I would like to apply an access list which will limit access from the remote LAN to my LAN.
My LAN: 10.0.0.0/23 , remote LAN: 192.168.220.0/24 .
As an example, I tried to limit access to host 10.0.0.100 with the following config:
# ip access-list extended 150
(config-ext-nacl)# permit ip 192.168.220.0 0.0.0.255 host 10.0.0.100
(config-ext-nacl)# deny ip 192.168.220.0 0.0.0.255 any
I applied the above access list to my LAN interface as an incoming rule, but this caused no Internet access from my LAN.
The question is whether the above approach is correct and where such an ACL should be applied.
Thanks in advance for any tip.
Piotr
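
An added example, not part of the original post: a small Python model of how IOS evaluates an extended ACL (first matching entry wins, then an implicit deny), run against constructed packets to show why ACL 150 applied inbound on the LAN interface dropped the LAN's own Internet traffic. The sample addresses 10.0.0.50, 10.0.0.20, 192.168.220.15 and 203.0.113.10 are assumptions.

```python
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def matches(addr, base, wildcard):
    """Cisco wildcard match: bits set in the wildcard are 'don't care'."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return ((_ip(addr) ^ _ip(base)) & care) == 0

ANY = ("0.0.0.0", "255.255.255.255")  # 'any' as base + wildcard

# ACL 150 from the post: (action, src, src_wildcard, dst, dst_wildcard)
ACL_150 = [
    ("permit", "192.168.220.0", "0.0.0.255", "10.0.0.100", "0.0.0.0"),
    ("deny",   "192.168.220.0", "0.0.0.255", *ANY),
]

def evaluate(acl, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    for n, (action, s, sw, d, dw) in enumerate(acl, 1):
        if matches(src, s, sw) and matches(dst, d, dw):
            return action, f"entry {n}"
    return "deny", "implicit deny"

# Constructed sample packets: (description, source, destination)
SAMPLES = [
    # What an inbound ACL on the LAN interface actually sees: LAN sources.
    ("LAN host -> Internet",      "10.0.0.50",      "203.0.113.10"),
    ("LAN host -> remote LAN",    "10.0.0.50",      "192.168.220.15"),
    # What the entries were written for: remote-LAN sources.
    ("remote -> permitted host",  "192.168.220.15", "10.0.0.100"),
    ("remote -> other LAN host",  "192.168.220.15", "10.0.0.20"),
]

if __name__ == "__main__":
    for desc, src, dst in SAMPLES:
        action, why = evaluate(ACL_150, src, dst)
        print(f"{desc:26} {src:>15} -> {dst:<15} {action:6} ({why})")
```

Both entries match only packets whose source is 192.168.220.0/24, so packets entering the LAN interface from 10.0.0.0/23 hit neither entry and are dropped by the implicit deny.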