
L2L VPN ACL-- passively permits, or aggressively routes the traffic?

Hello.

Within an ASA5525 policy based L2L VPN configuration, in that config ACL, if I insert the command... 

access-list COMPANY-ACCESS-LIST extended permit ip 10.0.0.0 255.0.0.0 172.16.5.0 255.255.255.0

Will this simply passively permit any traffic from 10.0.0.0/8 to enter this tunnel if it is already routed through the tunnel, or does this aggressively route all 10.0.0.0/8 traffic through this tunnel?

(I worry that I will route my whole enterprise through this tunnel and offline the enterprise.)

Thank you.

Accepted Solutions

Is it a policy-based VPN? If yes, then the ACL you use for the policy has no effect at all on routing traffic.

You first need to route the traffic through the interface that the VPN is applied on; then the VPN will work.
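
The order of decisions described in the accepted answer, as an added example that is not part of the original thread and is not Cisco code: a simplified Python model in which the route lookup picks the egress interface from the destination alone, and the crypto ACL from the question is only checked afterwards on the interface carrying the crypto map. The routing table, the interface names and the placement of the crypto map on `outside` are assumptions constructed for illustration.

```python
import ipaddress

# Constructed routing table (assumption): (destination prefix, egress interface)
ROUTES = [
    ("0.0.0.0/0", "outside"),
    ("10.0.0.0/8", "inside"),
    ("192.168.50.0/24", "dmz"),
]
# Crypto ACL from the question: permit ip 10.0.0.0/8 -> 172.16.5.0/24
CRYPTO_ACL = [("10.0.0.0/8", "172.16.5.0/24")]
# Assumption: the crypto map that references the ACL is applied to "outside"
CRYPTO_MAP_INTERFACE = "outside"


def egress_interface(dst, routes=ROUTES):
    """Longest-prefix match on the destination only; the crypto ACL is never consulted."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(prefix), iface) for prefix, iface in routes]
    matching = [(net, iface) for net, iface in nets if addr in net]
    return max(matching, key=lambda m: m[0].prefixlen)[1]


def matches_crypto_acl(src, dst):
    """True only when both source and destination fall inside one ACL entry."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(
        s in ipaddress.ip_network(a) and d in ipaddress.ip_network(b)
        for a, b in CRYPTO_ACL
    )


def forward(src, dst, routes=ROUTES):
    """Return (egress interface, encrypted?) for one flow."""
    iface = egress_interface(dst, routes)
    encrypted = iface == CRYPTO_MAP_INTERFACE and matches_crypto_acl(src, dst)
    return iface, encrypted


if __name__ == "__main__":
    flows = [
        ("10.1.2.3", "172.16.5.10"),   # matches the ACL and leaves via outside
        ("10.1.2.3", "203.0.113.9"),   # 10/8 source, destination not in the ACL
        ("10.1.2.3", "10.9.9.9"),      # internal traffic, routed to inside
        ("192.168.50.5", "172.16.5.10"),  # source not in the ACL
    ]
    for src, dst in flows:
        print(src, "->", dst, forward(src, dst))
```

In this model only the first flow is encrypted; adding a more specific route that sends 172.16.5.0/24 out another interface leaves the ACL match with no effect.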
