Firewall Wizards mailing list archives

Re: Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists"

From: Eric Gearhart <eric () nixwizard net>
Date: Sat, 16 May 2009 12:37:00 -0700

Sorry I accidentally sent that last email prematurely... anyway under
"Default Group Policy" if you click manage there should be a
"DfltGrpPolicy." You can create your own custom Group Policy for this
tunnel, and specify a filter for this group policy. The filter you
select is just an extended access list, and your "source" is the
remote network from your VPN peer, "destination" is your local
networks on your local ASA.

Here's the obligatory Cisco link that explains all this:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9a87.shtml

--
Eric
http://nixwizard.net
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists" Michael Tewner (May 13)
- Re: Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists" Farrukh Haroon (May 14)
- Re: Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists" Paul Melson (May 14)
- Re: Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists" Eric Gearhart (May 17)
- Re: Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists" Eric Gearhart (May 17)
  - Re: Cisco PIX - "Allow inbound IPsec sessions to bypass interface access lists" Michael Tewner (May 24)