Remote Access VPN Question - Allow certain websites for Split Tunnel VPN

Unanswered Question
Jul 9th, 2008
User Badges:

Crossposted on firewall forum -

I'm dissallowing split-tunnel vpn for remote access connections, but I'd like to allow a couple of external websites to still be accessed. I'm using a ASA 5520 with ASDM 6.0 and I noticed that on the split tunnel tab there is a place where I can enter allowed networks for split tunnels and above that something that says "domain names." What I'm wondering is if I can use this section to enter dns names of the websites I want to allow users access to since these are "server farms" with multiple IP addresess?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
a.alekseev Wed, 07/09/2008 - 12:50
User Badges:
  • Gold, 750 points or more

do NAT for VPN clients and let them go out to the websites through vpn

redwarrior Thu, 07/10/2008 - 05:43
User Badges:

Just trying to understand this better:

So, I would set up that particular VPN group to NAT to a public IP address and then how would I restrict them to only the website I wan them to reach versus all web access? I guess I'm just not sure what that ACL would look like once I'm done.

Thank you!


This Discussion