03-31-2020 01:00 PM
We have a website that is accessible on the Internet and only allowed to be accessed via our public IP. We need vpn users to be able to access via anyconnect when they are not in the office. To accomplish this, do I just add the IP of the website into the split tunnel acl?
Solved! Go to Solution.
03-31-2020 01:08 PM
Hi,
Yes, you will need to include that IP address in the split-tunnel ACL.
Also you will probably need to create a NAT rule for the VPN Pool, e.g:-
object network VPN_POOL
subnet 192.168.10.0 255.255.255.0
nat (outside,outside) dynamic interface
...and permit traffic sourced from the outside interface to be routed back out the outside interface.
same-security-traffic permit intra-interface
HTH
03-31-2020 01:08 PM
Hi,
Yes, you will need to include that IP address in the split-tunnel ACL.
Also you will probably need to create a NAT rule for the VPN Pool, e.g:-
object network VPN_POOL
subnet 192.168.10.0 255.255.255.0
nat (outside,outside) dynamic interface
...and permit traffic sourced from the outside interface to be routed back out the outside interface.
same-security-traffic permit intra-interface
HTH
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: