split tunnelling with anyconnect and ACS

Unanswered Question
Aug 13th, 2009

we are trying to implement per user split tunneling using ACS. In the past attribute ipsec-split-tunnel-list was used for ipsec clients and that works fine. Tested with any connect and this attribute does not appear to work. Questions:

Is this attribute ipsec specifiec as the name suggest?

what is the alternative?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smalkeric Wed, 08/19/2009 - 09:18

The below URL provides step-by-step instructions on how to allow Cisco AnyConnect VPN client access to the Internet while they are tunneled into a Cisco Adaptive Security Appliance (ASA) 8.0.2. This configuration allows the client secure access to corporate resources via SSL while giving unsecured access to the Internet using split tunneling.


fashour Wed, 08/19/2009 - 10:42

What I am looking for is to assign split tunnel acl on per user basis by utilizing ACS. I have it working for IPSEC clients by using ipsec-split-tunnel-list radius attribute on ACS. Is there a comparable for Anyconnect?


This Discussion