12-15-2020 11:50 AM
Hi all, how are you?
I have a question that I hope you will help me with.
I have been doing some tests and I have noticed when I create a VPN site to site in ASA +8.3, and the internal interface does not have the pemit associated with the security level (allow any less secure network) I must create ACLs similar to the encryption domain. It's okay? is normal behavior? I have seen several manuals and none of them mention that I must create an ACL in addition to the encryption domain.
Solved! Go to Solution.
12-15-2020 11:58 AM
Hi @jfran10
Yes, if you have an ACL on the inside interface you have to permit traffic in order for it to be allowed. Most guides just cover setting up a VPN tunnel, it is expected the end user would already be permitting outbound traffic.
HTH
12-15-2020 11:58 AM
Hi @jfran10
Yes, if you have an ACL on the inside interface you have to permit traffic in order for it to be allowed. Most guides just cover setting up a VPN tunnel, it is expected the end user would already be permitting outbound traffic.
HTH
12-15-2020 12:03 PM
Thanks Rob.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide