Solved

VPN IPSEC quick question

Posted on 2009-07-14
1
252 Views
Last Modified: 2012-05-07
if I have IPSEC tunnels to and from my sites, do they bypass any ACLs on those sites

ie:
I have 172.16.1.0 and 172.16.2.0. They have a tunnel to themselves over the internet
If I have an ACL on the 172.16.1.0 firewall, that says "deny ip any any" applied to the inside interface, will the tunnel still work?
0
Comment
Question by:WERAracer
1 Comment
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 24852635
With Cisco ASA's the command " sysopt connection permit-ipsec  and sysopt connection permit-vpn " allow packets from an IPsec tunnel  to bypass ACLs on the security appliance.

The tunnels will usually not work without it.  

Here's the reference: http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution12
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question