Cisco Support Community

New Member

Cisco VPN Client requires Internet access --- not "split-tunneled"

I have an ASA 5510 appliance running 7.2 (ASDM 5.2) terminating Cisco VPN Client 4.8 users.

Everything works, meaning the Client can access corporate resources. However, due to "split-tunneling" being disabled (per corporate security policy) I will need to route all Internet-bound traffic through the appliance.

How is this done?

I have tried changing the tunnel default gateway to the 'inside' interface of the ASA. I have also added NAT entries for the VPN Client pools to be translated to a different IP Address on the 'outside' interface but it still does not work.

Thanks in advance.

--re

2 REPLIES
New Member

Re: Cisco VPN Client requires Internet access --- not "split-tun

I'm not sure if there is any other way, but if you use a proxy in your internal network and configure it on the remote workers, it should do the trick.

Cheers,

Nuno

Green

Re: Cisco VPN Client requires Internet access --- not "split-tun

Sure this is possible. For example...

same-security-traffic permit intra-interface

ip local pool vpnpool 192.168.10.1-192.168.10.254

global (outside) 1 interface

nat (outside) 1 192.168.10.0 255.255.255.0

Here is the document that will also help if needed.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml

Please rate helpful posts.
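
The four commands in the reply above only work together: the `nat (outside)` rule has to cover the whole VPN pool, and its NAT ID has to match a `global (outside)` entry. The following Python check over a saved running-config is an added example, not code from the thread or from Cisco. Assumptions: the function name `audit_hairpin`, the constructed sample config, the group-policy name `remote`, and the `split-tunnel-policy` line (an ASA group-policy command that does not appear in the thread; `tunnelall` is its default).

```python
import ipaddress
import re

# Constructed sample (ASA 7.x syntax); the first four lines mirror the reply above.
SAMPLE_CONFIG = """\
same-security-traffic permit intra-interface
ip local pool vpnpool 192.168.10.1-192.168.10.254
global (outside) 1 interface
nat (outside) 1 192.168.10.0 255.255.255.0
group-policy remote attributes
 split-tunnel-policy tunnelall
"""

def audit_hairpin(config, iface="outside"):
    """Return a list of findings; an empty list means every check passed."""
    lines = [l.strip() for l in config.splitlines()]
    findings = []
    # Without this, the ASA drops traffic that enters and leaves the same interface.
    if "same-security-traffic permit intra-interface" not in lines:
        findings.append("intra-interface traffic is not permitted")
    esc = re.escape(iface)
    pools, nats, global_ids = [], [], set()
    for l in lines:
        if m := re.match(r"ip local pool (\S+) ([\d.]+)-([\d.]+)", l):
            pools.append((m[1], ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3])))
        elif m := re.match(rf"nat \({esc}\) ([1-9]\d*) ([\d.]+) ([\d.]+)", l):
            # NAT ID 0 (identity NAT) is skipped: it does not translate to a global.
            nats.append((m[1], ipaddress.ip_network(f"{m[2]}/{m[3]}", strict=False)))
        elif m := re.match(rf"global \({esc}\) (\d+) \S+", l):
            global_ids.add(m[1])
        elif l.startswith("split-tunnel-policy") and l.split()[1:] != ["tunnelall"]:
            findings.append(f"split tunneling is enabled: {l}")
    if not pools:
        findings.append("no ip local pool is defined")
    for name, first, last in pools:
        # The whole pool must fall inside a nat rule on the same interface...
        ids = {i for i, net in nats if first in net and last in net}
        if not ids:
            findings.append(f"pool {name}: no nat ({iface}) rule covers it")
        # ...and that rule's NAT ID must have a global on that interface.
        elif not ids & global_ids:
            findings.append(f"pool {name}: no global ({iface}) for NAT ID {sorted(ids)}")
    return findings

if __name__ == "__main__":
    for finding in audit_hairpin(SAMPLE_CONFIG) or ["all hairpin checks passed"]:
        print(finding)
```
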
