VPN IPSEC quick question

if I have IPSEC tunnels to and from my sites, do they bypass any ACLs on those sites

I have and They have a tunnel to themselves over the internet
If I have an ACL on the firewall, that says "deny ip any any" applied to the inside interface, will the tunnel still work?
Who is Participating?
MikeKaneConnect With a Mentor Commented:
With Cisco ASA's the command " sysopt connection permit-ipsec  and sysopt connection permit-vpn " allow packets from an IPsec tunnel  to bypass ACLs on the security appliance.

The tunnels will usually not work without it.  

Here's the reference: http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution12
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.