@SamsonOjo The webdeploy image on the ASA is only for deployment from when connecting to the ASA itself, upgrades etc.
You could download the predeploy image from the cisco website in order to manually install. https://software.cisco.com/download/ho...
@enzo99 the "sysopt connection permit-vpn" command in global configuration mode is used to allow the traffic to bypass interface access lists. If you don't have that command configured then you'd need to explicitly permit the traffic in an ACL.
It so...
@enzo99 the command "sysopt connection permit-vpn" mentioned by @Network Diver would override the interface ACL for VPN traffic, so no you would not. Also, that command is enabled by default.
In regard to the original question, is the ACL a control p...
@enzo99 if using a policy based VPN, then you need need to configure the crypto ACL define the interesting traffic to be encrypted and tunneled over the VPN.
Is it a control plane ACL on the ASA? That could be used to permit the establishment of the ...
@isquare Use a control plane ACL - https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-threat-defense/221457-configure-control-plane-access-control-p.html