Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
666
Views
0
Helpful
2
Replies

Any connect VPN shape

IrakliNet
Level 1
Level 1

ā€Ž01-15-2021 05:58 AM

Hi,

We have Firepower 2100 and works as Asa.

We have VPN anyconnect with pool 10.80.10.1/23 and  want to shape VPN client traffic towards to our Data center servers.

I read a lot of documentation and I am a little bit confused.

I am trying to add second DHCP pool 10.80.20.0/24 and match that traffic with service policy.

But when adding second pool we can not reach any destination.

Should I add second DHCP pool in tunnel group and than in group police?

After that will it be possible to match 10.80.20.0/24 subnet with ACL and shape?

 

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

ā€Ž01-15-2021 06:18 AM

There is no traffic shaping on the ASA. You need to find a different place in the network to implement this.

0 Helpful

IrakliNet
Level 1
Level 1

ā€Ž01-18-2021 01:24 AM - edited ā€Ž01-18-2021 01:27 AM

What about policing ? same for that solution ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents