Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Split-tunnel Config help

Right now my VPN is setup and working properly. Basically, when a user connects to the ASA5520 VPN Server, an IP gets issued to them and they can connect. When the user tries to browse the internet it uses the user's ISP which is good.

Now I need to set it up so SSH originates from the company and not from the user's personal ISP, meaning if they SSH to another site through the VPN tunnel.

How can I do this ?

3 REPLIES
Silver

Re: VPN Split-tunnel Config help

What's the software verison which you are using in the ASA box?

New Member

Re: VPN Split-tunnel Config help

7.2.1

asdm 5.2

New Member

Re: VPN Split-tunnel Config help

I have tried something before....tunnel everything...but in your case, maybe you can try something like this.

if your vpnpool is 192.168.88.1-192.168.88.254

Do a extended access-list for 192.168.88.0/24 to SSH

Then do

nat (outside) 6 access-list abc

global (outside) 6

Not very sure it will conflict with the NONAT statement or not....please let us know

106
Views
0
Helpful
3
Replies
CreatePlease login to create content