Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Adding to Jennifer's reply if your intent is also to block certain websites being accessed from the local LAN please check the below link,https://supportforums.cisco.com/docs/DOC-1268Regards,Usaid.
When tunnels are terminating on the router, that is the self zone, by default all the traffic is allowed, If you want to restrict access you need to create a self zone and add a zone-pair from WAN to Self.Hope this link will help you,http://inkling/?...
Thanks for the output, I dont understand why it is not working, everything seems to be in place, lets have the packet-tracer from the other away around now.packet-tracer input inside icmp 10.1.1.4 8 0 10.2.1.4 detailedIf the result for the output as ...
I guess you are not able to ICMP from 10.2.1.0/24 because, when you ping to 10.1.1.0/24 subnet, the echo-request packet goes straight via the switch to the machine, but the reply packet comes through the firewall and the firewall drops it.What you ca...
