Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
370
Views
0
Helpful
1
Replies

Need to force anyconnect clients to use a mandatory route instead of current split tunnel mmode

Dirk Evelyn
Level 1
Level 1

‎06-27-2017 01:43 PM

I have an AnyConnect remote access solution on MY ASA 5510 that is setup to use split tunneling. I want to force a route not to use the spilt tunnel but to use my Internet Gateway that is not the ASA.I hope this is possible but I cant seem to find out how to do it. I foubnd some information on access-lists but don't think that will apply.

Labels:
0 Helpful
1 Reply 1

dperezoquendo
Level 1
Level 1

‎06-28-2017 01:46 PM

Hello,

So the split tunnel already allows the route to behave how you want it unless you meant tunnelall.

split tunnel = only traffic headed to company network will be sent through vpn connection --- other traffic will go out through normal network connection.

tunnelall = default config, all traffic from your computer will go through VPN connection.

If your ASA is already setup for split tunneling, I believe you probably need to verify network settings on your PC. Verify that "Use default gateway on remote box" is unchecked under the Network Connections -> Your VPN Connection (Properties) -> Networking -> IPv4 -> Properties -> Advanced tab. Depending on what version of Windows you have, you may have to disable it differently. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents