?
Solved

VPN IPSEC quick question

Posted on 2009-07-14
1
Medium Priority
?
258 Views
Last Modified: 2012-05-07
if I have IPSEC tunnels to and from my sites, do they bypass any ACLs on those sites

ie:
I have 172.16.1.0 and 172.16.2.0. They have a tunnel to themselves over the internet
If I have an ACL on the 172.16.1.0 firewall, that says "deny ip any any" applied to the inside interface, will the tunnel still work?
0
Comment
Question by:WERAracer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 33

Accepted Solution

by:
MikeKane earned 2000 total points
ID: 24852635
With Cisco ASA's the command " sysopt connection permit-ipsec  and sysopt connection permit-vpn " allow packets from an IPsec tunnel  to bypass ACLs on the security appliance.

The tunnels will usually not work without it.  

Here's the reference: http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution12
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question