Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
364
Views
0
Helpful
1
Replies

Can ASA download split tunnel list from ACS 4.0

tim.riegert
Level 1
Level 1

‎11-10-2006 12:26 PM

We are currently using a VPN Concentrator 3030 for remote access VPN tunnels. We plan on migrating to the ASA 5520 series for IPSec client connectivity. We'd like to be able to download RADIUS attributes from ACS 4.0 so we do not have to maintain a ton of different groups locally on the ASA. Has anyone tested split-tunnel lists, downloadable ACLs, etc. with ACS 4.0 and the ASAs?

Labels:
0 Helpful
1 Reply 1

thomas.chen
Level 6
Level 6

‎11-17-2006 08:57 AM

In basic VPN Client to ASA scenario, all traffic from the VPN Client is encrypted and sent to the ASA no matter what its destination is. Based on your configuration and the number of users supported, such a set up can become bandwidth intensive. Split tunneling can work to alleviate this problem since it allows users to send only that traffic which is destined for the corporate network across the tunnel. All other traffic such as instant messaging, email, or casual browsing is sent out to the Internet via the local LAN of the VPN Client.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml

0 Helpful
Customers Also Viewed These Support Documents