07-09-2008 12:41 PM - edited 02-21-2020 03:49 PM
Crossposted on firewall forum -
I'm dissallowing split-tunnel vpn for remote access connections, but I'd like to allow a couple of external websites to still be accessed. I'm using a ASA 5520 with ASDM 6.0 and I noticed that on the split tunnel tab there is a place where I can enter allowed networks for split tunnels and above that something that says "domain names." What I'm wondering is if I can use this section to enter dns names of the websites I want to allow users access to since these are "server farms" with multiple IP addresess?
07-09-2008 12:50 PM
do NAT for VPN clients and let them go out to the websites through vpn
07-10-2008 05:43 AM
Just trying to understand this better:
So, I would set up that particular VPN group to NAT to a public IP address and then how would I restrict them to only the website I wan them to reach versus all web access? I guess I'm just not sure what that ACL would look like once I'm done.
Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide