If I have a VPN site-to-site tunnel with only one host on each end, how do I block everything except those two hosts talking together and still use the VPN tunnel so that the data is encrypted?
Using two 2921 routers connected across Ethernet interfaces, how do I set up a routing protocol to go from one host on one router to another host on the other router?
Ok, but if I use an ACL not in the crypto map just to block ports from being used at all, is there a way to do that without naming every port that must be blocked? For example, I have an access list like the one above used for the tunnel, but then I...
Do I have to explicitly deny every port that is not used or can't be used, such as 23, 80 (it doesn't connect to the internet but connects on a leased line) and all other well-known ports?