<div>
I think that should be possible. If you have something like <i>sysopt permit-vpn</i> in your config, remove that. After that you need to allow vpn traffic through an ACE on the outside interface just like any other traffic from the outside. <br />
So if you don't add a rule I think it would work like any other traffic through the ASA. From the inside to the outside and return traffic should work.
</div>


I think that should be possible. If you have something like sysopt permit-vpn in your config, remove that. After that you need to allow vpn traffic through an ACE on the outside interface just like any other traffic from the outside.
So if you don't add a rule I think it would work like any other traffic through the ASA. From the inside to the outside and return traffic should work.

<div>
Ok,<br />
<br />
Could you tell what you did? And could you have a look at the logging to see if anything shows there?
</div>


Ok,

Could you tell what you did? And could you have a look at the logging to see if anything shows there?

<div>
<div class="content wysiwyg-content">
Hi I have a site to site VPN on an ASA device running OS 8.4<br />
my side of the network is on 192.168.1.0 / 24 <br />
the other side of the VPN is 10.0.0.0 / 24<br />
I need to set up a rule so that while I can access all hosts on 10.0.0.0 / 24<br />
none of the hosts on 192.168.1.0 / 24 should be able to access our side of the tunnel.<br />
<br />
Is this possible?
</div>
</div>


Hi I have a site to site VPN on an ASA device running OS 8.4
my side of the network is on 192.168.1.0 / 24 
the other side of the VPN is 10.0.0.0 / 24
I need to set up a rule so that while I can access all hosts on 10.0.0.0 / 24
none of the hosts on 192.168.1.0 / 24 should be able to access our side of the tunnel.

Is this possible?

vpn traffic filtering on site to site VPNs

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.