Currently we are allowing remote access vpn users access to the Internet, our setup is as follows:
group-policy VPN attributes
dns-server value 192.168.100.10
split-tunnel-network-list value split
access-list split standard permit 192.0.0.0 255.0.0.0
We need to change this setup such that remote access vpn users can still access the internal network (192.0.0.0 255.0.0.0) but NOT allow them Internet access, in other words everything should remain the same but we need Internet blocked.
what do we need to change on the group-policy?