Hi Tyson Thx, that answered my question.
Can you please comment on the two below given comments: - "flow restrict" will restrict all the traffic from the ezvpn inside interface when it is down right? - Is the "flow" command is applicable to both VTI and non-VTI based EzVPN client With regards Kings On Mon, Jul 26, 2010 at 10:56 PM, Tyson Scott <[email protected]> wrote: > Volume 2 Lab20. R1 EZVPN Section. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Kingsley Charles > *Sent:* Monday, July 26, 2010 6:43 AM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] EzVPN client restrict traffic when tunnel > is down > > > > Hi all > > Has anyone tried testing the functionality of the following commands of IOS > EzVPN client. These commands actually restrict the client in sending traffic > in clear text when the tunnel is down. > > > flow restrict - completely restricts the traffic from interface configured > from "crypto ipsec client ezvpn king inside" > > flow allow acl - allows only the traffic specified in the ACL > > > The traffic still goes in clear text when tunnel is down for me. Any > thoughts? > > If it is working for you, can you please send me the working config. > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
