03-31-2020 01:00 PM
We have a website that is accessible on the Internet and only allowed to be accessed via our public IP. We need vpn users to be able to access via anyconnect when they are not in the office. To accomplish this, do I just add the IP of the website into the split tunnel acl?
Solved! Go to Solution.
03-31-2020 01:08 PM
Hi,
Yes, you will need to include that IP address in the split-tunnel ACL.
Also you will probably need to create a NAT rule for the VPN Pool, e.g:-
object network VPN_POOL
subnet 192.168.10.0 255.255.255.0
nat (outside,outside) dynamic interface
...and permit traffic sourced from the outside interface to be routed back out the outside interface.
same-security-traffic permit intra-interface
HTH
03-31-2020 01:08 PM
Hi,
Yes, you will need to include that IP address in the split-tunnel ACL.
Also you will probably need to create a NAT rule for the VPN Pool, e.g:-
object network VPN_POOL
subnet 192.168.10.0 255.255.255.0
nat (outside,outside) dynamic interface
...and permit traffic sourced from the outside interface to be routed back out the outside interface.
same-security-traffic permit intra-interface
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide