
Lock down site to site VPN 1

Status
Not open for further replies.

chipCHE

IS-IT--Management
Aug 5, 2003
15
US
Greetings,

I just created a VPN from my Cisco Pix 515E to a Netscreen in a datacenter someone else manages.

The VPN is working fine; however, I would like to limit the traffic between sites to RDP. My question is: what access-list do I make these entries in? I have tried the access-list that is used to tag interesting traffic to be encrypted. I have also tried access-lists on both the inside and outside interfaces.

Regards and thanks in advance
 
You're on the right track.
Take out the following line from your config:
sysopt connection permit-ipsec
This allows all VPN traffic to bypass ACLs. Apply your ACLs to the inside and outside interfaces and you should be up and running.
Brent
Systems Engineer / Consultant
CCNP
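An added example of the approach Brent describes, not a config from either poster: the interesting-traffic (crypto) ACL keeps the tunnel encrypting all IP between the two LANs, `sysopt connection permit-ipsec` is removed so decrypted traffic is checked against the interface ACLs, and those ACLs permit only TCP/3389 (RDP) between the sites. The subnets (10.1.1.0/24 local, 192.168.50.0/24 remote), the interface and ACL names, and the `nat 0` line are constructed placeholders for a PIX 6.x configuration; lines beginning with `:` are PIX comments. On PIX 7.x and ASA the equivalent bypass command is `sysopt connection permit-vpn`.

```text
: Added example, not part of the original thread. Addresses and names are placeholders.
: Local LAN 10.1.1.0/24 sits behind "inside"; the datacenter LAN 192.168.50.0/24
: sits behind the Netscreen at the far end of the tunnel.

: 1. Crypto ACL: selects what is encrypted. It only matches traffic, it never filters it,
:    so restricting it to port 3389 would not block other traffic, just leave it unencrypted.
access-list VPN_TRAFFIC permit ip 10.1.1.0 255.255.255.0 192.168.50.0 255.255.255.0
nat (inside) 0 access-list VPN_TRAFFIC

: 2. Stop decrypted VPN traffic from bypassing the interface ACLs.
no sysopt connection permit-ipsec

: 3. Outside interface: only RDP from the remote LAN to the local LAN may enter.
:    Anything else arriving through the tunnel hits the implicit deny at the end of the ACL.
access-list OUTSIDE_IN permit tcp 192.168.50.0 255.255.255.0 10.1.1.0 255.255.255.0 eq 3389
access-group OUTSIDE_IN in interface outside

: 4. Inside interface: local hosts may only RDP to the remote LAN; the explicit deny for the
:    rest of the remote LAN must sit above the general permit, since ACLs are evaluated in order.
access-list INSIDE_OUT permit tcp 10.1.1.0 255.255.255.0 192.168.50.0 255.255.255.0 eq 3389
access-list INSIDE_OUT deny ip 10.1.1.0 255.255.255.0 192.168.50.0 255.255.255.0
access-list INSIDE_OUT permit ip 10.1.1.0 255.255.255.0 any
access-group INSIDE_OUT in interface inside

: 5. Verify: hit counts on each line show which rule matched a test RDP session
:    and whether blocked traffic is landing on the deny entries.
show access-list OUTSIDE_IN
show access-list INSIDE_OUT
```

Because the PIX is stateful, only the initiating direction of each RDP session needs a permit; the reply packets are allowed by the existing connection entry. The hit counts from `show access-list` are the quickest way to confirm that non-RDP traffic from the remote side is now being dropped rather than silently bypassing the filters.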
 