Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

VPN, Internet traffic, and Split Tunnels

Please attached picture because I hope that explains what I really want to do, but here is the break down.

When a Client VPN connects for remote access to 1-ASA5510 I want all Internet traffic to be sent to 2-ASA5510 instead of back out the default route. When it goes out 2-ASA5510 it crosses through out Content filter. 2-ASA5510 has Split Tunnel set up and we are trying to do away with SPlit Tunnel.

I hope this is clear enough.

Any ideas would be helpfull

Dan

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VPN, Internet traffic, and Split Tunnels

Dan,

Tricky but do-able! Firstly there is a nice feature in the ASA that allows remote proxy configuration on a per VPN profile basis:-

group-policy <> attributes

msie-proxy method use-server

msie-proxy server value x.x.x.x

msie-proxy local-bypass enable

Yep you guessed it - only works on Microsoft Internet Explorer.

I don't think any policy based routing would work for you - bummer.

But you could try another feature - tunneled traffic, which is normaly used in the EasyVPN topllogy:-

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps6659/prod_white_paper0900aecd8060b477.html

ASA configuration right at the bottom, I would probably test this with the IP address of the 2651 router!

HTH.

2 REPLIES

Re: VPN, Internet traffic, and Split Tunnels

Dan,

Tricky but do-able! Firstly there is a nice feature in the ASA that allows remote proxy configuration on a per VPN profile basis:-

group-policy <> attributes

msie-proxy method use-server

msie-proxy server value x.x.x.x

msie-proxy local-bypass enable

Yep you guessed it - only works on Microsoft Internet Explorer.

I don't think any policy based routing would work for you - bummer.

But you could try another feature - tunneled traffic, which is normaly used in the EasyVPN topllogy:-

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps6659/prod_white_paper0900aecd8060b477.html

ASA configuration right at the bottom, I would probably test this with the IP address of the 2651 router!

HTH.

Re: VPN, Internet traffic, and Split Tunnels

try to make static route on the windows pc itself

with route add 0.0.0.0 0.0.0.0 defaultgateway

while it is not scaleable

697
Views
0
Helpful
2
Replies
CreatePlease to create content