Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
765
Views
0
Helpful
5
Replies

VPN Enabled which interface?

CSCO10663272
Level 1
Level 1

‎01-13-2006 08:30 AM - edited ‎02-21-2020 02:11 PM

Hi,

Can someone give me some information on setting up a vpn

via PDM ver3.0

The PDM gives you the option to select the interface on

which you want it enabled ie Inside/outside.

Whats the difference between to 2.

Does setting up on the inside give you unrestricted

access to the inside and does it automatically make it

NAT excempt

If you set up on the outside interface then do you use

access-lists to restrict access.

Labels:
0 Helpful
5 Replies 5

benny.jr
Level 1
Level 1

‎01-13-2006 10:00 AM

are you doing vpn site-to-site or remote access?

0 Helpful

CSCO10663272
Level 1
Level 1
In response to benny.jr

‎01-13-2006 11:17 AM

Site to Site

0 Helpful

klnreddy2002
Level 1
Level 1
In response to CSCO10663272

‎01-13-2006 03:27 PM

Hey,

Try this command line config for site to site VPN

Preview file
52 KB
0 Helpful

jackko
Level 7
Level 7

‎01-14-2006 07:53 AM

regardless the type of vpn, it "always" applies on the outsite interface. the reason being the outside internet is the one connected to the internet, as well as the remote user or peer connected to.

alternatively, if there is a dmz interface that connected to wlan. then in order to configure remote vpn access for the wlan user, the crypto map should apply on the dmz interface.

0 Helpful

CSCO10663272
Level 1
Level 1
In response to jackko

‎01-14-2006 08:59 AM

Ok,

So when you start VPN wizard on the PDM,you select the type of VPN in this case site to site, you then have a option to select inside/outside.

Whats the difference between too.

If you select inside does this give hosts on the remote network full access to you internal network?

If you select outside, then do you need to create access list from the lower security interface outside to inside to allow access to you internal network?

Many thanks for all the replies

0 Helpful
Customers Also Viewed These Support Documents