filtering ipsec traffic pix to pix

Discussion in 'Cisco' started by Martin Eden, Jan 13, 2004.

  1. Martin Eden

    Martin Eden Guest

    I have 2 PIXes.
    I have created a PIX-to-PIX VPN.
    Now on pix1 I want to put some ACLs that limit
    the access from pix2 towards the pix1 LAN.

    In other words,
    the entire LAN behind pix2 must have access to only 3 clients on the pix1 LAN.

    I don't have access to pix2 because it isn't mine.

    What can I do?

    pix1 lan
    pix2 lan
    Martin Eden, Jan 13, 2004

  2. Martin Eden

    Rik Bain Guest

    Disable "sysopt connection permit-ipsec" and use the outside access-list
    to filter the traffic.

    Rik Bain
    Rik Bain, Jan 13, 2004
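
    The suggestion above, sketched as a pix1 configuration fragment. This is an added example, not part of the original posts; the ACL name `outside_in` and all addresses are constructed, since the thread does not give the real LAN ranges or client IPs.

```cisco
: Constructed values (assumptions, not from the thread):
:   pix1 LAN 192.168.1.0/24, pix2 LAN 192.168.2.0/24,
:   the three permitted pix1 clients are .10, .11 and .12.
: Stop decrypted tunnel traffic from bypassing interface ACLs.
no sysopt connection permit-ipsec
: Allow the pix2 LAN to reach only the three pix1 clients.
access-list outside_in permit ip 192.168.2.0 255.255.255.0 host 192.168.1.10
access-list outside_in permit ip 192.168.2.0 255.255.255.0 host 192.168.1.11
access-list outside_in permit ip 192.168.2.0 255.255.255.0 host 192.168.1.12
: Explicit deny so blocked attempts show up in the ACL hit counters.
access-list outside_in deny ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
: Bind the ACL inbound on the outside interface.
access-group outside_in in interface outside
```

    If an ACL is already applied inbound on the outside interface, add these entries to that list instead of binding a second one. The sysopt setting is global on the PIX, so once it is removed every tunnel terminating on that unit needs matching permit entries in the outside ACL.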

  3. Martin Eden

    Martin Eden Guest

    One other thing:
    if I have 4 PIXes in a fully meshed VPN
    and the 5th PIX connects by VPN to only one PIX,
    if I disable "sysopt connection permit-ipsec",
    what changes in the configuration for the others?

    Do I try to disable "sysopt connection permit-ipsec" on every one
    and modify the connection?
    Martin Eden, Jan 14, 2004
