Hey everyone,
I'm looking to restrict traffic to an ASA by only allowing specific IP addresses to be able to establish an IKE connection to my ASA's public IP address. I thought about adding an ACL to the outside interface of the ASA, but after doing some research, I hear that an ACL on the interface will only block traffic going THROUGH the ASA and not to the device itself. I only want my verified devices to have the ability to establish a VPN connection.
Verified Public IP > IKE Traffic to Build Tunnel > Public IP of ASA
I was able to do this on a SonicWall by adding an ACL rule between my WAN zones. Does anyone know how this can be done on the ASA?
No comments:
Post a Comment