You can create an access-list to specify the traffic you want filtered, then apply that ACL to the crypto map.
For instance: ip access-list ext VPN-FILTER deny tcp any any eq 23 deny tcp any any eq 80 permit ip any any crypto map VPN 10 ipsec-isakmp set ip access-group VPN-FILTER in Mark On Wed, Jun 29, 2011 at 8:43 AM, Kash iqbal <[email protected]> wrote: > Hi Experts , > > A quick question > > in IPSec Crypto map where you put ACL to allow trarfic to go inside the > tunnel , Is there any other place where we can put security on Traffic that > is coming thrugh VPN > > Let me explain. > > Match acl says > Permit IP 1.1.1.0 to 2.2.20 > > However i want to block Telent and port 80 on this VPN tunnel how i can > accomplish this. > > > Regards > KAshif > > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
