Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
651
Views
0
Helpful
0
Replies

Cisco Umbrella SWG protection or Protected by VA

metafore
Level 1
Level 1

‎06-16-2023 03:29 AM - edited ‎06-16-2023 09:41 AM

Hi everyone,

I have client where they have cisco umbrella already deployed in corporate environment.

For corporate environment it is integrated with VA and DNS/Http/Https traffic is getting to Umbrella through PBR based IPSEC tunnel. 

Now customer has come up with additional requirement to add umbrella protection for VPN (ON/OFF) users.

Remote users are accessing corporate resources through anyconnect VPN with split tunneling enabled.

We have tested anyconnect umbrella roaming security module and we are able to see DNS & SWG layer protection enabled while user is connnected to Internet without VPN turned on, in any connect roaming security statistic section, Hence that is working as expected as we can see the same status in umbrella dashboard as well.

Now, when remote user connects to VPN, we are seeing SWG protection is disabled, and DNS layer protection is showing enabled through VA in remote security in any connect secure mobility client..

Note:::SWG settings are enabled globally in umbrella dashboard.

Question:

1) Is this the default expected behavior for remote users with VPN connection on?

2) Should SWG section in any connect client roaming security section show as enabled for remote users in both scenario of VPN (ON/OFF)? 

Appreciate some help here.

 

 

 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents