Hi,
I have an existing site2site connection. How do I limit access from the remote net to certain hosts on the inside network?
I tried with a deny in the cryptomap acl but it does not seem to work.
As a test I tried to deny access to 10.10.20.50:
access-list outside_cryptomap_4 extended deny ip 192.168.99.0 255.255.255.0 host 10.10.20.50
access-list outside_cryptomap_4 extended permit ip 10.10.0.0 255.255.0.0 192.168.99.0 255.255.255.0
But I can still telnet 10.10.20.50 on port 80 from a server on the remote network.
Thanks in advance.