Wednesday, December 3, 2014

Cisco ASA Restrict VPN traffic to 1 IP on Site to Site (L2L) Tunnel

I was recently asked to restrict access on a VPN tunnel to one IP address. Here is how I did it:

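! vpn-filter ACLs are written remote-to-local: source is the remote side, destination is the local side
access-list restrict extended permit ip host <allowed-ip> any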

group-policy Tunnel internal
group-policy Tunnel attributes
 vpn-filter value restrict

tunnel-group <tunnel-group-name> general-attributes
 default-group-policy Tunnel
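
An added example, not part of the original post: a small Python audit that follows the same chain the configuration above builds (tunnel-group to default-group-policy to vpn-filter to access-list) over a saved running-config and flags tunnel-groups whose filter is missing, undefined, or any-to-any. The sample config and its addresses are constructed, `audit_vpn_filters` is a hypothetical helper name, and inheritance from the default group policy is not modelled.

```python
import re
# Constructed sample running-config; addresses are RFC 5737 documentation values.
SAMPLE_CONFIG = """\
access-list restrict extended permit ip host 192.0.2.10 any
access-list wide extended permit ip any any
group-policy Tunnel internal
group-policy Tunnel attributes
 vpn-filter value restrict
group-policy Open internal
group-policy Open attributes
 vpn-filter value wide
tunnel-group 198.51.100.1 general-attributes
 default-group-policy Tunnel
tunnel-group 198.51.100.2 general-attributes
 default-group-policy Open
tunnel-group 198.51.100.3 general-attributes
"""

def audit_vpn_filters(config):
    """Return {tunnel-group: (group-policy, vpn-filter ACL, finding)}."""
    acls, filters, policies = {}, {}, {}
    section = (None, None)  # (kind, name) of the block being read
    for line in config.splitlines():
        if m := re.match(r"access-list (\S+) extended (.+)", line):
            acls.setdefault(m[1], []).append(m[2].strip())
        elif m := re.match(r"group-policy (\S+) attributes", line):
            section = ("gp", m[1])
        elif m := re.match(r"tunnel-group (\S+) general-attributes", line):
            section = ("tg", m[1])
            policies.setdefault(m[1], None)  # no explicit policy seen yet
        elif not line.startswith(" "):
            section = (None, None)  # any other top-level command ends the block
        elif section[0] == "gp" and (m := re.match(r" vpn-filter value (\S+)", line)):
            filters[section[1]] = m[1]
        elif section[0] == "tg" and (m := re.match(r" default-group-policy (\S+)", line)):
            policies[section[1]] = m[1]
    report = {}
    for tg, gp in policies.items():
        acl = filters.get(gp)
        if acl is None:
            finding = "no vpn-filter"  # DfltGrpPolicy inheritance is not modelled
        elif acl not in acls:
            finding = "vpn-filter names an undefined ACL"
        elif any(re.fullmatch(r"permit ip any[46]? any[46]?", e) for e in acls[acl]):
            finding = "filter permits any-to-any"
        else:
            finding = "ok"
        report[tg] = (gp, acl, finding)
    return report
```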
