08-13-2009 11:59 AM - edited 02-21-2020 03:37 AM
we are trying to implement per user split tunneling using ACS. In the past attribute ipsec-split-tunnel-list was used for ipsec clients and that works fine. Tested with any connect and this attribute does not appear to work. Questions:
Is this attribute ipsec specifiec as the name suggest?
what is the alternative?
08-19-2009 09:18 AM
The below URL provides step-by-step instructions on how to allow Cisco AnyConnect VPN client access to the Internet while they are tunneled into a Cisco Adaptive Security Appliance (ASA) 8.0.2. This configuration allows the client secure access to corporate resources via SSL while giving unsecured access to the Internet using split tunneling.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080975e83.shtml
08-19-2009 10:42 AM
What I am looking for is to assign split tunnel acl on per user basis by utilizing ACS. I have it working for IPSEC clients by using ipsec-split-tunnel-list radius attribute on ACS. Is there a comparable for Anyconnect?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide