04-22-2018 10:17 AM - edited 03-12-2019 05:13 AM
Hi,
I was wondering is it possible to add an access list for incoming traffic from a remote site over a site-to-site VPN.
In short I need to setup and site-to-site with a company so i can access a web server they are hosting. However i don't want the other company having access to our network, the VPN is purely for us to access the web server.
I understand I can change the crypto map, so only HTTPS traffic is allowed over the site to site from my end, can i do the same for inbound traffic, kind of like a reflexive access list?
Solved! Go to Solution.
04-22-2018 10:31 AM - edited 04-22-2018 10:33 AM
Hi,
You need to configure a VPN filter on the ASA, here are some examples:
https://www.fir3net.com/Firewalls/Cisco/review-cisco-asa-how-do-vpn-filters-work.html
https://popravak.wordpress.com/2011/11/05/cisco-asa-vpn-filter-as-i-see-it/
HTH
04-22-2018 10:31 AM - edited 04-22-2018 10:33 AM
Hi,
You need to configure a VPN filter on the ASA, here are some examples:
https://www.fir3net.com/Firewalls/Cisco/review-cisco-asa-how-do-vpn-filters-work.html
https://popravak.wordpress.com/2011/11/05/cisco-asa-vpn-filter-as-i-see-it/
HTH
04-23-2018 10:59 AM
Could you not apply a VPN filter from here?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide