Remove the relevant entries from the crypto map statement.
Keep in mind that since the Asa use policy routing the VPN traffic that was previously heading out and being redirected by the crypto map will now continue on its journey, so you may want to add an outbound ACL to your OUTSIDE interface to stop this particular INSIDE traffic from leaking.
Removing the acl from the crypto map entry would be the simplest and the best way with the least amount of configurations.By removing the acl from the crypto map the asa will no longer encrypt that subnet/host to the peer ip.You may also have to adjust nat if you plan to send your traffic over another tunnel.However if you have an FTD you can go into access policies or site to site vpn and just click disable and the config will stay but not be applied.
Anouther way would be to block your peer ip address port 4500 and 500 inbound and outbound.
Community Live Event Video
Are you ready to level up your security? Learn more about how Cisco SecureX can help you simplify your security and maximize operational efficiency.
This event talks about Cisco SecureX, its benefits, features, and usage. Th...
Hi all,I cannot understand why is something working very well they create a way to complicate things in Cisco ASA OS. I have a rule :object network LOCAL_ADRESS1 host 192.168.20.12 nat (VLAN20,outside) source static LOCAL_ADRESS1 interface&...
It is our pleasure to officially announce the finalists in the 2021 IT Blog Awards. We are now looking to our amazing tech community to check out the amazing line up of bloggers, vloggers and podcasters. Make sure to vote for your favorites...
Community Live Event Slides
This event talks about Cisco SecureX, its benefits, features, and usage. The session includes sample use cases and live demonstrations.
Cisco expert Luis Silva talks about how this solution can integrate Cisco technology and ...
Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Aruba Wireless AP (IAP) to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnect 4....