07-09-2008 12:41 PM - edited 02-21-2020 03:49 PM
Crossposted on firewall forum -
I'm dissallowing split-tunnel vpn for remote access connections, but I'd like to allow a couple of external websites to still be accessed. I'm using a ASA 5520 with ASDM 6.0 and I noticed that on the split tunnel tab there is a place where I can enter allowed networks for split tunnels and above that something that says "domain names." What I'm wondering is if I can use this section to enter dns names of the websites I want to allow users access to since these are "server farms" with multiple IP addresess?
07-09-2008 12:50 PM
do NAT for VPN clients and let them go out to the websites through vpn
07-10-2008 05:43 AM
Just trying to understand this better:
So, I would set up that particular VPN group to NAT to a public IP address and then how would I restrict them to only the website I wan them to reach versus all web access? I guess I'm just not sure what that ACL would look like once I'm done.
Thank you!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: