PIX VPN Questions
Posted on 2004-04-09
I am relatively new to cisco VPNs. I have a couple of questions.
o-How do I limit access to what services are provided across the VPN tunnel.
* I assume that the access list used for the 'address match' statement is how one would accomplish this.
* This would make sense, but I think that I read somewhere that this list is used ONLY to determine which
* IP addresses are allowed through and nothing else. This seems stupid though.
o-How do I definitively certify that specific traffic is making it through the tunnel (ftp for example).
o-What is the proper proceedure to 'tear down' a vpn tunnel on a central site PIX that can't be reloaded.
Any help would be appreciated.