Hi D.M.Gore
Yes, you are correct.
See this note from Cisco
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9a87.shtml
The remote host/network
!--- is always defined as the first entry in the ACE regardless of the
directionRegards,
Mohammed Gazzaz
Date: Sun, 13 Sep 2009 15:40:06 +0530
From: [email protected]
To: [email protected]
Subject: [OSL | CCIE_Security] VPN : L2L Tunnel filtering
Hi All,
One of the options for L2L tunnel filtering is application of group policy with
vpn-filter attribute to tunnel group. But I observed that filtering is applied
to only incoming encrypted traffic. It does not work for outgoing traffic.
Is this correct behaviour?
Regards,
D.M.Gore
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
