
IPsec VPN - limit access

tomjoudals
Level 1

We need to deploy IPsec between two sites, A and B (A is a PIX 7.0, B is an 800 router with 12.4).

But we need to limit access in the following way:

From A to B: a few PCs remote desktop to one PC

From B to A: one PC to one server on one port...

I know that the ACL defining interesting traffic should be mirrored, but the traffic we need is not symmetric... Is it possible to restrict access to only the traffic I specified?

1 Reply

srue
Level 7

Mirror your ACLs as you normally would. Then define regular interface ACLs at either end to control/allow only the traffic you want in/out.

On the PIX, if you have 'sysopt connection permit-vpn' enabled though, all VPN traffic will bypass interface ACL checking, so be careful if that command is enabled.
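
The design described in the reply, modelled as an added example that is not part of the original thread: subnet-wide mirrored crypto ACLs choose what enters the tunnel, asymmetric interface ACLs decide which new connections are accepted, and a bypass flag stands in for 'sysopt connection permit-vpn' on the PIX. All addresses, the server port 8443 and the function names are constructed assumptions; only new connections are modelled, with return traffic assumed to be handled statefully.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing (assumption, not from the thread).
NET_A, NET_B = ip_network("10.1.0.0/24"), ip_network("10.2.0.0/24")

# Crypto ("interesting traffic") ACLs: (source net, destination net), mirrored.
CRYPTO_A = [(NET_A, NET_B)]
CRYPTO_B = [(NET_B, NET_A)]

# Interface ACLs: (source, destination, TCP port), implicit deny at the end.
# At site B: a few PCs from A may open remote desktop (TCP 3389) to one PC.
FILTER_AT_B = [(ip_network(f"10.1.0.{h}/32"), ip_network("10.2.0.20/32"), 3389)
               for h in (11, 12, 13)]
# At site A (the PIX): one PC from B may reach one server on one port.
FILTER_AT_A = [(ip_network("10.2.0.10/32"), ip_network("10.1.0.5/32"), 8443)]


def mirrored(acl_x, acl_y):
    """True when every entry of acl_x has its source/destination swapped in acl_y."""
    return set(acl_x) == {(dst, src) for src, dst in acl_y}


def in_tunnel(crypto_acl, src, dst):
    """True when the local crypto ACL selects src -> dst for encryption."""
    return any(ip_address(src) in s and ip_address(dst) in d
               for s, d in crypto_acl)


def acl_permits(acl, src, dst, port):
    """True when some interface ACL entry permits the connection."""
    return any(ip_address(src) in s and ip_address(dst) in d and port == p
               for s, d, p in acl)


def allowed(src, dst, port, crypto_local, filter_remote, remote_bypass=False):
    """New connection src -> dst: encrypted locally, filtered on arrival.

    remote_bypass=True models VPN traffic skipping interface ACL checks
    on the receiving peer, as the reply warns for the PIX.
    """
    if not in_tunnel(crypto_local, src, dst):
        return False
    return remote_bypass or acl_permits(filter_remote, src, dst, port)


if __name__ == "__main__":
    print("crypto ACLs mirrored:", mirrored(CRYPTO_A, CRYPTO_B))
    for bypass in (False, True):
        ok = allowed("10.2.0.10", "10.1.0.5", 3389, CRYPTO_B, FILTER_AT_A, bypass)
        print(f"B PC -> A server on 3389, bypass={bypass}: {ok}")
```

With the bypass flag set, every flow the crypto ACL selects from B reaches A regardless of the interface ACL, which is the situation the reply cautions about.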