Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN Config

Status
Not open for further replies.
ChrisGlobal

ChrisGlobal

MIS
Oct 30, 2012
4
US
Can anyone one tell me if I have the ACL on one side of a tunnel to have the interesting traffic as permit ip 10.0.0.0 0.255.255.255 10.1.81.0 0.0.0.255 and on the other side they have that same ACL reversed of course but also have other statements being that the ACL was used to declare more interesting traffic previously.

Any way. My question is will those extra statements cause problems for this IPsec Tunnel.
Thank you for any help.
 
Sort by date Sort by votes
Each one of those ACE's will be used to create an IPSec SA. Since you have at least one ACE that is the mirror opposite of the other side then traffic that matches that ACE will be deemed interesting. The other statements should be removed to clean things up and to reduce extra processing on the IPSec endpoint.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

quazimotto
  • Locked
  • Question
Cisco ASA_5505 VPN to Juniper_SRX210 VPN IS UP_ No Traffic!!!!!!
Replies
0
Views
75
quazimotto
quazimotto
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
403
BIS
BIS
Drug_Store
  • Locked
  • Question
Cisco 3560g 48ports PoE - config
Replies
1
Views
84
Drug_Store
Drug_Store
Tariq Habaybeh
  • Locked
  • Question
Cisco 881WD-E-K9 router configuration
Replies
1
Views
109
burtsbees
burtsbees
tviman
  • Locked
  • Question
Same subnet on each side of a VPN 1
Replies
2
Views
86
tviman
tviman

Part and Inventory Search

Sponsor

Back
Top