
SITE TO SITE VPN ACCESS LIST

jon_panes24
Level 1

Hi Guys,

I want to establish a site-to-site VPN. I am new to VPNs.

I have this network.

10.1.1.1|----ASA---->>Internet<<----ASA----|20.1.1.1

My default permissions would be deny all. What useful access-list can I apply to establish Phase 1 and 2 of IKE? What other specific per-protocol access list can I add to allow access from 10.1.1.1 to 20.1.1.1 and vice versa?

Thanks!!

1 Reply

Deepak Chauhan
Level 1

Hi Buddy,

For a site-to-site VPN you need to create an interesting-traffic access-list.

ASA1 (10.1.1.1)

access-list S2SVPN_Traffic permit ip host 10.1.1.1 host 20.1.1.1


ASA2 (20.1.1.1)
access-list S2SVPN_Traffic permit ip host 20.1.1.1 host 10.1.1.1
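
The two ACLs in the reply are mirror images of each other; when the interesting-traffic ACLs on the two peers do not mirror each other, Phase 2 negotiation fails for the unmatched entries. The following check is an added example, not part of the original reply: it parses the ACL lines from both peers and reports entries with no mirror. The function names and the 10.1.2.0/24 entry are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample input: the two ACLs from the reply, plus one subnet
# entry on ASA1 only (hypothetical) so the check has a mismatch to report.
ASA1_CONFIG = """\
access-list S2SVPN_Traffic permit ip host 10.1.1.1 host 20.1.1.1
access-list S2SVPN_Traffic extended permit ip 10.1.2.0 255.255.255.0 host 20.1.1.1
"""
ASA2_CONFIG = """\
access-list S2SVPN_Traffic permit ip host 20.1.1.1 host 10.1.1.1
"""

ACE_RE = re.compile(r"^access-list\s+(\S+)\s+(?:extended\s+)?permit\s+ip\s+(.+)$")


def _take_network(tokens):
    """Consume one ASA address spec: 'host A', 'any'/'any4', or 'A MASK'."""
    first = tokens.pop(0)
    if first in ("any", "any4"):
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}")


def parse_crypto_acl(config, acl_name):
    """Return the set of (source, destination) networks permitted by acl_name."""
    entries = set()
    for line in config.splitlines():
        m = ACE_RE.match(line.strip())
        if m and m.group(1) == acl_name:
            tokens = m.group(2).split()
            src, dst = _take_network(tokens), _take_network(tokens)
            entries.add((src, dst))
    return entries


def mirror_mismatches(local, remote):
    """Return (local entries with no mirror on remote, remote entries with none on local)."""
    return ({e for e in local if (e[1], e[0]) not in remote},
            {e for e in remote if (e[1], e[0]) not in local})


if __name__ == "__main__":
    a = parse_crypto_acl(ASA1_CONFIG, "S2SVPN_Traffic")
    b = parse_crypto_acl(ASA2_CONFIG, "S2SVPN_Traffic")
    for side, gaps in zip(("ASA2", "ASA1"), mirror_mismatches(a, b)):
        for src, dst in sorted(gaps):
            print(f"{side} has no mirror for: {src} -> {dst}")
```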