split tunnelling with anyconnect and ACS

Unanswered Question
Aug 13th, 2009
User Badges:

we are trying to implement per user split tunneling using ACS. In the past attribute ipsec-split-tunnel-list was used for ipsec clients and that works fine. Tested with any connect and this attribute does not appear to work. Questions:

Is this attribute ipsec specifiec as the name suggest?

what is the alternative?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smalkeric Wed, 08/19/2009 - 09:18
User Badges:
  • Silver, 250 points or more

The below URL provides step-by-step instructions on how to allow Cisco AnyConnect VPN client access to the Internet while they are tunneled into a Cisco Adaptive Security Appliance (ASA) 8.0.2. This configuration allows the client secure access to corporate resources via SSL while giving unsecured access to the Internet using split tunneling.


fashour Wed, 08/19/2009 - 10:42
User Badges:

What I am looking for is to assign split tunnel acl on per user basis by utilizing ACS. I have it working for IPSEC clients by using ipsec-split-tunnel-list radius attribute on ACS. Is there a comparable for Anyconnect?


This Discussion