Cisco ASA VPN Filter

This topic is to discuss the following lesson:

Hi Laz,

Query related to Cisco ASA Remote Access VPN:

My query is: what traffic is shown by in id=0x7f11b99ce080 (source and destination) and out id=0x7f11b99c34d0 in the output of show asp table filter, according to the ASA? I am a little bit confused about which traffic is being inbound filtered and which is being outbound filtered.

Hello Pradyumna

First of all, when you post your question, please post it in the forum topic associated with the lesson that you are asking about. This way it is easier for us to understand the context of your question, and it eliminates the need to move your post to the appropriate forum topic… Thanks!

Now as for your question, you can see in the output that the in indicator shows source traffic from anywhere (0.0.0.0) to R1 (192.168.1.1). So this is for traffic from the VPN remote user towards the internal network. So this is the inbound filter. The out indicator shows the opposite, or the outbound traffic filter.

Now there are two additional in and out filters, and these are the implicit deny filters. One is for IPv4 and the other is for IPv6. These exist by default. You can differentiate between those and the one that was created by the filter ID, which in this case is the name of the access list: RESTRICT_VPN.

I hope this has been helpful!

Laz