Solved: Re: CISCO Any connect v4.4

homayoon.khalili · ‎06-12-2018

Does anyone know if the CISCO VPN client (Any connect v 4.4) can be downloaded by anyone and then configured to allow for tunneling?

In other words can the split tunneling on the enterprise VPN solution be bypassed by an end user? Or the solution is configured at the enterprise connection point and no matter who downloads the client, they won't be able to by pass it?

Peter Davis · ‎06-12-2018

While a user with administrative rights on the system would have various tools available to them to circumvent policies, the split tunnel/tunneling policy is passed down from the head-end and is not user controlled.

View solution in original post

Peter Davis · ‎06-12-2018

While a user with administrative rights on the system would have various tools available to them to circumvent policies, the split tunnel/tunneling policy is passed down from the head-end and is not user controlled.

homayoon.khalili · ‎06-18-2018

Thank you for your response.

I tried to prove this to myself but it seems like we were able to get around it.

Perhaps our test (tracert) was not a goods one.

Can you recommend a way to confirm that given our local admin rights on the PC, we won't be able to circumvent the tunneling policy?

When we used Tracerout command, there was no change before and after establishing the tunnel to the enterprise. The internet was accessible both before and after.

Thx