06-26-2008 08:54 AM - edited 02-21-2020 03:47 PM
Please attached picture because I hope that explains what I really want to do, but here is the break down.
When a Client VPN connects for remote access to 1-ASA5510 I want all Internet traffic to be sent to 2-ASA5510 instead of back out the default route. When it goes out 2-ASA5510 it crosses through out Content filter. 2-ASA5510 has Split Tunnel set up and we are trying to do away with SPlit Tunnel.
I hope this is clear enough.
Any ideas would be helpfull
Dan
Solved! Go to Solution.
06-27-2008 01:59 AM
Dan,
Tricky but do-able! Firstly there is a nice feature in the ASA that allows remote proxy configuration on a per VPN profile basis:-
group-policy <
msie-proxy method use-server
msie-proxy server value x.x.x.x
msie-proxy local-bypass enable
Yep you guessed it - only works on Microsoft Internet Explorer.
I don't think any policy based routing would work for you - bummer.
But you could try another feature - tunneled traffic, which is normaly used in the EasyVPN topllogy:-
ASA configuration right at the bottom, I would probably test this with the IP address of the 2651 router!
HTH.
06-27-2008 01:59 AM
Dan,
Tricky but do-able! Firstly there is a nice feature in the ASA that allows remote proxy configuration on a per VPN profile basis:-
group-policy <
msie-proxy method use-server
msie-proxy server value x.x.x.x
msie-proxy local-bypass enable
Yep you guessed it - only works on Microsoft Internet Explorer.
I don't think any policy based routing would work for you - bummer.
But you could try another feature - tunneled traffic, which is normaly used in the EasyVPN topllogy:-
ASA configuration right at the bottom, I would probably test this with the IP address of the 2651 router!
HTH.
06-27-2008 07:57 PM
try to make static route on the windows pc itself
with route add 0.0.0.0 0.0.0.0 defaultgateway
while it is not scaleable
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: