Alright, so just as a sanity check, I've got a question for the group. When configuring the crypto acls that define interesting traffic for a tunnel, are we able to use summaries?
So lets say site B is 10.5.10.0/24 and site A can be summarized with 10.10.0.0/16. Is it acceptable to write something like below for the crypto acl?
access-list 101 permit ip 10.5.10.0 0.0.0.255 10.10.0.0 0.0.255.255
Site A would have the following networks
Then on head end device, the the acls would be:
access-list 101 permit ip 10.10.0.0 0.0.255.255 10.5.10.0 0.0.0.255
Thanks for any feedback!
Go to Solution.
Yes, that's perfectly fine.
As long as we have routes configured properly, nothing should stand in your way from configuring the acl's like that.
View solution in original post
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: