Cisco ISA570W Integrated Security Appliance Quick Setup Guide
© 2012 Cisco Systems, Inc. All rights reserved.
Site-to-Site ACL Settings
ACL rules for site-to-site VPN are automatically generated when the IPSec tunnel is established between
the ISA500 in the main office (214.56.101.2) and the ISA500 in the branch office (214.56.115.2).
ACL rules permit any host on the Default VLAN (192.168.75.0) in the main office to access hosts on the
subnet in the branch office and vice versa (the local network and remote network settings are configured
on the VPN > Site-to-Site > IPsec Policies page). After the IPSec tunnel is established, any host on
the chosen DEFAULT_VLAN (192.168.75.0 in the example) can access any host in remote_network on
the other side of the tunnel.
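To see how broad the automatically generated rule pair is, the following added example (not from the Cisco guide, and not the ISA500's own rule format) models the two permit rules in Python and checks sample flows against them. The /24 masks and the branch subnet 192.168.10.0/24 are assumptions, since the page gives neither.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network

# Constructed values: the page gives 192.168.75.0 without a mask and does not
# give the branch subnet, so /24 and 192.168.10.0/24 are assumptions.
MAIN_LAN = ip_network("192.168.75.0/24")      # DEFAULT_VLAN, main office
BRANCH_LAN = ip_network("192.168.10.0/24")    # remote_network (hypothetical)


@dataclass(frozen=True)
class Rule:
    src: IPv4Network
    dst: IPv4Network
    action: str = "permit"


def site_to_site_rules(local_net, remote_net):
    """The rule pair the text describes: local -> remote and the reverse."""
    return [Rule(local_net, remote_net), Rule(remote_net, local_net)]


def evaluate(rules, src, dst):
    """Return the action of the first matching rule, or 'no-match'."""
    s, d = ip_address(src), ip_address(dst)
    for rule in rules:
        if s in rule.src and d in rule.dst:
            return rule.action
    return "no-match"


def exposed_hosts(rules, peer_net):
    """Count usable local addresses that peer_net may reach via these rules."""
    return sum(r.dst.num_addresses - 2 for r in rules
               if r.src == peer_net and r.action == "permit")


RULES = site_to_site_rules(MAIN_LAN, BRANCH_LAN)

if __name__ == "__main__":
    for src, dst in [("192.168.75.20", "192.168.10.5"),   # main -> branch
                     ("192.168.10.5", "192.168.75.20"),   # branch -> main
                     ("192.168.76.9", "192.168.10.5")]:   # a different VLAN
        print(f"{src} -> {dst}: {evaluate(RULES, src, dst)}")
    print("main-office hosts reachable from branch:",
          exposed_hosts(RULES, BRANCH_LAN))
```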
Troubleshooting
When you create a rule, you can log the firewall events by enabling logging (Firewall > Access Control
> ACL Rules). These logs can be used for troubleshooting and for tracking potential security threats. A
variety of events can be captured and logged for review.