OT: ASA Split-Tunnels

From: Joe Astorino <joeastorino1982_at_gmail.com>
Date: Tue, 6 Sep 2011 08:47:58 -0400

Hey guys! I think the answer to this question is "no" based on the research
I've done, but being that I am not an ASA expert (yet), I thought I would
ask if anybody knows a solution to this problem.

The problem: I have an SSL VPN connection set up at home. When I am VPN'd in
I actually want internet tunneled through the ASA. I want to tunnel traffic
to the LAN 10.1.0.0/16 as well as all internet access through the ASA while
at the same time NOT tunneling traffic to other internal IP addresses. So
logically, it would be something like

access-list 1 standard permit 10.1.0.0 255.255.0.0
access-list 1 standard deny 10.0.0.0 255.0.0.0
access-list 1 standard deny 172.16.0.0 255.240.0.0
access-list 1 standard deny 192.168.0.0 255.255.0.0
access-list 1 standard permit any

I don't think deny is a valid option in the ACL though. Any way to
accomplish that?

-- 
Regards,
Joe Astorino
CCIE #24347
Blog: http://astorinonetworks.com
"He not busy being born is busy dying" - Dylan
Received on Tue Sep 06 2011 - 08:47:58 ART
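
Added example, not part of the original post: a Python sketch that expands the ordered permit/deny list from the question into an equivalent permit-only set of prefixes, which is one way to express the same intent when deny entries are not available. It shows only the address arithmetic; the ACL name SPLIT_EXAMPLE is a hypothetical placeholder, and how an ASA handles a list of this size is not something the post covers.

```python
import ipaddress

# Ordered rules from the post (first match wins); "any" written as 0.0.0.0/0.
RULES = [
    ("permit", "10.1.0.0/16"),
    ("deny", "10.0.0.0/8"),
    ("deny", "172.16.0.0/12"),
    ("deny", "192.168.0.0/16"),
    ("permit", "0.0.0.0/0"),
]

def first_match(addr, rules=RULES):
    """Reference semantics: action of the first rule containing addr."""
    ip = ipaddress.ip_address(addr)
    for action, net in rules:
        if ip in ipaddress.ip_network(net):
            return action
    return "deny"  # implicit deny at the end of an ACL

def subtract(nets, hole):
    """Remove `hole` from each network in `nets`; CIDR blocks nest or are disjoint."""
    out = []
    for n in nets:
        if hole.supernet_of(n):        # n lies entirely inside the hole
            continue
        if n.supernet_of(hole):        # hole lies inside n: split n around it
            out.extend(n.address_exclude(hole))
        else:                          # no overlap
            out.append(n)
    return out

def flatten(rules=RULES):
    """Expand ordered permit/deny rules into an equivalent permit-only list."""
    permits, earlier = [], []
    for action, text in rules:
        remaining = [ipaddress.ip_network(text)]
        for e in earlier:              # drop what earlier rules already matched
            remaining = subtract(remaining, e)
        if action == "permit":
            permits.extend(remaining)
        earlier.append(ipaddress.ip_network(text))
    return sorted(ipaddress.collapse_addresses(permits))

def render(nets, name="SPLIT_EXAMPLE"):  # hypothetical ACL name
    return [f"access-list {name} standard permit {n.network_address} {n.netmask}" for n in nets]

if __name__ == "__main__":
    print("\n".join(render(flatten())))
```
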
