topic Re: remote access vpn traffic in Network Security

remote access vpn traffic

ShareefKooliyodan0444 — Thu, 14 Sep 2023 06:18:18 GMT

Hello

I have remote access vpn (Local) to my origination and its working fine .

how I can achieve this after Rvpn connected , the internet from my client pc should be route via my organization. i mean all traffic from my client pc should go via origination .

can i get any solution please to achieve this please ...

my os version is 7.0.2 cisco firepower also managing from fmc.

Re: remote access vpn traffic

dwillia5@highpoint.edu — Fri, 15 Sep 2023 10:02:32 GMT

Shareef,

Most likely this is an issue with your tunnel setting on the RA VPN. If you want all traffic to go through your organization, you have to select that in the connection profile of your VPN. Go to Devices>Remote Access. From there, click on the connection profile you want to edit and then click on edit group policy. On the group policy screen, you will find the split tunnel information under "General."

Re: remote access vpn traffic

Marius Gunnerud — Fri, 15 Sep 2023 10:19:52 GMT

You need to configure the RAVPN to be tunnel-all and not split-tunnel. In addition to this you will need a NAT statement that will translate RAVPN users to the outside interface IP (or another public IP). so the nat statement would have source interface outside, destination interface outside. Also, depending on if you have set up RAVPN to bypass the interface ACL or not, you might need to allow access from the RAVPN subnet to any / internet.

You can refer to the following link for more information on setting up RAVPN. But as you have this already set up you might just want to focus on the "hair-pinning" part.

https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215875-configure-anyconnect-vpn-client-on-ftd.html