Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Redirecting web traffic to another location for Remote Access VPN over ASA

I have an ASA 5510 that I am setting up for remote access VPN. Everything works great with the exception of one problem....this ASA sits in a lo-lo facility, not in the corp HQ. I have a default route on it pointed to the outside interface for the internet facing feed provided by the co-lo. I want users who are connected to the ASA to access the internet via my corporate HQ access, where our proxy, etc. are in place....I am having a problem redirecting this traffic back to HQ which is remote from the location of the ASA; it always wants to take the default route. The remote users will be using the Cisco VPN client 5.0. Any ideas? Thanks in advance.

Everyone's tags (3)
3 REPLIES
New Member

Re: Redirecting web traffic to another location for Remote Acces

Sorry, that was co-lo, not lo-lo

Cisco Employee

Re: Redirecting web traffic to another location for Remote Acces

1) How is the CoLo ASA connected to your HQ? How do you route from CoLo ASA to HQ?

2) Do you configure split tunnel for the VPN Client?

3) Can you share topology diagram and CoLo ASA configuration?

New Member

Re: Redirecting web traffic to another location for Remote Acces

Was able to resolve with the help of the TAC last friday. Split tunneling was not an option. Resoultion was to set a default route for tunneled traffic pointing to the next hop back to my corp HQ using the tunneled keyword. So, I have my default route pointed to the outside feed from the co-lo, and another pointed to the next hop used to go back to my corp HQ that sends all tunneled traffic, resolving my problem:

route outside 0.0.0.0 0.0.0.0 [next-hop]

route inside 0.0.0.0 0.0.0.0 [next-hop] tunneled

998
Views
0
Helpful
3
Replies
CreatePlease login to create content