Hi all,

I'struggling to figure out the filters to allow NDS sync, SLP, and NCP

logins over a Site to Site VPN, wonder if someone could help me out

I had thought I could say:

Src Int: VPTunnel
Dest Int: Private
Pkt Type: VPTunnel (I'm assumming all VPN traffic goes over port 2010)

Src Int: Private
Dest Int: VPTunnel
Pkt Type: VPTunnel

But even with Pkt Type: ANY these exceptions still fail.

Does VPTunnel traffic get routed directly through to the Private
interface, or is routed first to the Public and then to the Private?
which case I guess I'll need two sets of exceptions one from the
VPTunnel to the Public VPN Address, and one from the Public VPN
to the Private Address.