split tunnelling with anyconnect and ACS

Unanswered Question
Aug 13th, 2009
User Badges:

we are trying to implement per user split tunneling using ACS. In the past attribute ipsec-split-tunnel-list was used for ipsec clients and that works fine. Tested with any connect and this attribute does not appear to work. Questions:

Is this attribute ipsec specifiec as the name suggest?

what is the alternative?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smalkeric Wed, 08/19/2009 - 09:18
User Badges:
  • Silver, 250 points or more

The below URL provides step-by-step instructions on how to allow Cisco AnyConnect VPN client access to the Internet while they are tunneled into a Cisco Adaptive Security Appliance (ASA) 8.0.2. This configuration allows the client secure access to corporate resources via SSL while giving unsecured access to the Internet using split tunneling.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080975e83.shtml


fashour Wed, 08/19/2009 - 10:42
User Badges:

What I am looking for is to assign split tunnel acl on per user basis by utilizing ACS. I have it working for IPSEC clients by using ipsec-split-tunnel-list radius attribute on ACS. Is there a comparable for Anyconnect?

Actions

This Discussion