
IPSEC site to site VPN ACL Question

legerity1_2
Level 1

Alright, so just as a sanity check, I've got a question for the group.  When configuring the crypto acls that define interesting traffic for a tunnel, are we able to use summaries?

So let's say site B is 10.5.10.0/24 and site A can be summarized with 10.10.0.0/16. Is it acceptable to write something like below for the crypto acl?

access-list 101 permit ip 10.5.10.0 0.0.0.255 10.10.0.0 0.0.255.255

Site A would have the following networks

10.10.0.0/24

10.10.1.0/24

etc.

Then on the head end device, the acls would be:

access-list 101 permit ip 10.10.0.0 0.0.255.255 10.5.10.0 0.0.0.255

Thanks for any feedback!


Accepted Solutions

Hi There,

Yes, that's perfectly fine.

As long as we have routes configured properly, nothing should stand in your way from configuring the ACLs like that.

Regards,

Praveen
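
An added example, not part of the original thread: a small Python check that the two crypto ACLs quoted in the question are exact mirrors of each other, and that reports how much of the 10.10.0.0/16 summary is selected for the tunnel beyond the Site A subnets actually listed. The function names are hypothetical, and only the two Site A subnets named in the post are used as input.

```python
import ipaddress

def _net(addr, wildcard):
    # IOS wildcard masks are inverted netmasks: contiguous low-order one bits.
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):
        raise ValueError(f"non-contiguous wildcard mask: {wildcard}")
    return ipaddress.ip_network(f"{addr}/{32 - w.bit_length()}", strict=True)

def parse_crypto_acl(line):
    """Return (source, destination) networks of one 'permit ip' ACL entry."""
    tok = line.split()
    if len(tok) != 8 or tok[0] != "access-list" or tok[2:4] != ["permit", "ip"]:
        raise ValueError(f"unsupported ACL line: {line!r}")
    return _net(tok[4], tok[5]), _net(tok[6], tok[7])

def check_pair(site_b_acl, head_end_acl, site_a_subnets):
    """Compare both peers' crypto ACLs and the summary against real subnets."""
    b_src, b_dst = parse_crypto_acl(site_b_acl)
    a_src, a_dst = parse_crypto_acl(head_end_acl)
    subnets = [ipaddress.ip_network(s) for s in site_a_subnets]
    inside = [n for n in subnets if n.subnet_of(a_src)]
    used = sum(n.num_addresses for n in ipaddress.collapse_addresses(inside))
    return {
        # Each peer's source must be the other peer's destination, exactly.
        "mirrored": (b_src, b_dst) == (a_dst, a_src),
        # Real subnets the head-end ACL would not select for encryption.
        "outside_summary": [str(n) for n in subnets if not n.subnet_of(a_src)],
        # Addresses the summary selects that no listed subnet accounts for.
        "unassigned_in_summary": a_src.num_addresses - used,
    }

# ACL lines copied from the post; the subnet list holds only the two it names.
SITE_B = "access-list 101 permit ip 10.5.10.0 0.0.0.255 10.10.0.0 0.0.255.255"
HEAD_END = "access-list 101 permit ip 10.10.0.0 0.0.255.255 10.5.10.0 0.0.0.255"
SITE_A_SUBNETS = ["10.10.0.0/24", "10.10.1.0/24"]

if __name__ == "__main__":
    print(check_pair(SITE_B, HEAD_END, SITE_A_SUBNETS))
```

A non-zero `unassigned_in_summary` is expected with a summary; it is the address space to keep in mind when the routing behind the head end changes.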
