We are users of a Cisco AnyConnect VPN and we are having issues setting up a split tunnel.
The Cisco Firewall is in our on-premise network and we use the AnyConnect VPN to give access to our employees from their remote location to our local network. This is currently set up and working as it should.
Now, we also have a VM instance on Google Cloud and we restricted access to this VM only from our on-premise network. We want to allow our employees to access this VM, but we want to keep access limited to our network only.
To achieve this, we set an additional client route to this VM to route the traffic through the Cisco AnyConnect VPN network. The route seems to be correctly set and effective (checked with ROUTE PRINT), but something is preventing the connection to the Google Cloud VM from working (as if a DROP rule was set in the firewall).
We have tried to set firewall rules and ACLs to allow traffic, but nothing has worked so far; the connection between our employees’ network and the Google Cloud VM through our network isn’t working.
I can confirm the connection to the Google Cloud VM from our on-premise network (behind the Cisco Firewall) works fine, and Cisco AnyConnect VPN from our employees’ network to our local resources also works fine.
What would be the correct procedure to achieve this split-tunnel configuration?
Thanks for the help.