deny remote lan in l2l

Amardeep Kumar
Level 1

Hi,

I want to deny the remote LAN access to my LAN, and I want to access the remote LAN. Is there any way to deny this?

I have an L2L tunnel between a PIX and an ASA.

1 Reply

Hi,

On a normal IPsec L2L tunnel all IP traffic is permitted to flow through the tunnel.

If you remove the command "sysopt connection permit-ipsec" then all traffic is checked by the outside ACL (you can filter the traffic that you need).

A better way is to use vpn-filter ACLs to allow only the desired traffic through the tunnel.

Federico.
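
A vpn-filter configuration for the one-way access asked about above, as an added example that is not part of the original reply. The addresses (local LAN 192.168.1.0/24, remote LAN 192.168.2.0/24, peer 203.0.113.2), the object names and the permitted port (TCP 3389) are constructed assumptions, and the syntax is for ASA or PIX 7.x and later.

```cisco
! Constructed example values, not taken from the thread:
!   local LAN   192.168.1.0/24
!   remote LAN  192.168.2.0/24
!   peer        203.0.113.2
!
! In a vpn-filter ACL the REMOTE network always goes in the source
! position and the LOCAL network in the destination position,
! whichever side opens the connection.
!
! Allow the local LAN to open connections to TCP 3389 on the remote LAN.
! The port is written on the remote (source) side of the entry.
access-list L2L-FILTER extended permit tcp 192.168.2.0 255.255.255.0 eq 3389 192.168.1.0 255.255.255.0
!
! Everything else through the tunnel is dropped, including connections
! that the remote LAN opens toward the local LAN.
access-list L2L-FILTER extended deny ip any any
!
! Attach the filter to a group policy and bind that policy to the tunnel.
group-policy L2L-POLICY internal
group-policy L2L-POLICY attributes
 vpn-filter value L2L-FILTER
!
tunnel-group 203.0.113.2 general-attributes
 default-group-policy L2L-POLICY
```

Because the filter matches on the remote side's port, the permit entry above also matches traffic the remote LAN sends from source port 3389 to any TCP port on the local LAN. Keep each entry tied to a specific port rather than permitting whole protocols between the two networks.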