Solved: Internet access for Remote VPN with split tunnelling

hugochengym · ‎06-24-2011

Hi,

I have a remote VPN with split tunnelling enabled. Currently, users connected to this VPN browses internet with his/her internet connection. Now, my requirement is that a roaming user connecting to the vpn must use our company's internet connection for his browsing purposes. How can I do this?

Equipment we are using: ASA 5510

Hugo

Jennifer Halim · ‎06-24-2011

Here is a sample configuration for SSL VPN, however, the concept is the same with IPsec VPN Client:

http://www.cisco.com/en/US/products/ps6496/products_configuration_example09186a008096fcf5.shtml

Please just make changes as per my 3 points above.

View solution in original post

Jennifer Halim · ‎06-24-2011

Yes you can.

Configure the following:

1) Change the split tunnel policy from tunnelspecific to tunnelall

2) Configure "same-security-traffic permit intra-interface"

3) Configure NAT statement on the outside interface for the VPN pool, and use the corresponding sequence number on the existing GLOBAL statement.

hugochengym · ‎06-24-2011

Dear Sirs

Any detail reference for me to setup?

hugo

Jennifer Halim · ‎06-24-2011

Here is a sample configuration for SSL VPN, however, the concept is the same with IPsec VPN Client:

http://www.cisco.com/en/US/products/ps6496/products_configuration_example09186a008096fcf5.shtml

Please just make changes as per my 3 points above.