From Perimeter L3 Switch Security Technical Implementation Guide - Cisco
Part of Remote VPN end-point not a mirror of local gateway
The IPSec tunnel end points may be configured on the OOBM gateway routers connecting the managed network and the NOC. They may also be configured on a firewall or VPN concentrator located behind the gateway router. In either case, the crypto access-list used to identify the traffic to be protected must be a mirror (both IP source and destination address) of the crypto access list configured at the remote VPN peer.
Verify the configuration at the remote VPN end-point is a mirror configuration as that reviewed for the local end-point.
Configure he crypto access-list used to identify the traffic to be protected so that it is a mirror (both IP source and destination address) of the crypto access list configured at the remote VPN peer.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer