Leon Khanan
Beginner

controlling VPN traffic with ACLs? on ASA 8.4

siteA 10.10.10.1/24 ----s2s----- siteB 12.10.10.1/24

How do I control incoming traffic from a remote site (IPsec site to site), as in how to block certain services/IP addresses and so on?

I tried to track to see what interface the encrypted traffic comes to in order to filter it... but I don't see any matches on the outside in.

On which interface do I apply the access list?

Accepted Solutions
ajay chauhan
Rising star

Basically you can do two things -

1) VPN filter

2) block at source

Let's say you want to block port 80 from site A. Then apply an ACL on the inside interface in direction, or use a VPN filter at site B.

Thanks

Ajay
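
The VPN filter option from the answer above, written out for the site B ASA as an added example that is not part of the original posts. The ACL name, the group-policy name and the peer address 192.0.2.1 are placeholders; the subnets are taken from the diagram in the question.

```cisco
! Added example for the site B ASA (8.4). Names and peer address are placeholders.
!
! While "sysopt connection permit-vpn" is enabled (the default), decrypted
! tunnel traffic bypasses the interface ACLs, so an ACL applied inbound on
! the outside interface never shows hits for it. A vpn-filter ACL is applied
! to the tunnel itself instead.
!
! In a vpn-filter ACL the REMOTE network is always written in the source
! position and the LOCAL network in the destination position, regardless of
! which side initiates the connection.
!
! Block site A (10.10.10.0/24) from reaching port 80 on site B (12.10.10.0/24),
! and permit everything else between the two subnets.
access-list S2S-FILTER extended deny tcp 10.10.10.0 255.255.255.0 12.10.10.0 255.255.255.0 eq 80
access-list S2S-FILTER extended permit ip 10.10.10.0 255.255.255.0 12.10.10.0 255.255.255.0
!
! Attach the ACL to a group policy used only for this tunnel.
group-policy S2S-POLICY internal
group-policy S2S-POLICY attributes
 vpn-filter value S2S-FILTER
!
! Bind the group policy to the site-to-site tunnel group, which is named
! after the peer's public address (192.0.2.1 is a placeholder for site A).
tunnel-group 192.0.2.1 general-attributes
 default-group-policy S2S-POLICY
!
! The filter is read when the tunnel is established, so the existing tunnel
! has to be torn down and renegotiated before the new rules take effect.
! Hit counts can then be checked with:
!   show access-list S2S-FILTER
```

Because the filter is stateful and applied to the tunnel as a whole, the deny entry also matches traffic from site B hosts whose source port is 80, so keep the entries as narrow as the policy allows.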


Thanks Ajay