Hi,
I have a Site to Site VPN over the Public Network (Internet) between two Pix Firewalls.
I want to Know that we have a crypto access-list for whole network. E.g.,
1) access-list vpn permit 192.168.28.0 255.255.255.0 10.10.16.0 255.255.255.0
2) access-list vpn-nonat permit 192.168.28.0 255.255.255.0 10.10.16.0 255.255.255.0
I want to exclude some of the IP's between this subnet. How will it be possible & best practice?
Regards,
Mubasher