Hi, We have a Cisco ASA 5500 series Firewall where our employees connect via Cisco Anyconnect. Since then we used Split-Tunneling so our employees can connect to cloud based enterprise application without passing though our main link. However just recently we have another cloud base solution, this time it only allow one IP Address to connect to it. We put our external public gateway, it worked for employees in the office, but this solution is not working for employees that are around the world and always mobile. How can I force VPN clients to use our public gateway to access this cloud base solution, without removing the split-tunnel policy? I already put the exempt policy for the IP address but the routing stops in our Firewall. Any sample config will be very helpful and how to approach it. Thank you,
You need to add the destination IP address of the new service into the split tunnel list. You need need to configure the asa to nat this for (outside,outside) to your external public IP address that you want web browsing to come from, and you may need to create an access rule to allow this (the firewall logs are likely to tell you the answer).
Hi everyone.I have a problem in my Network.So i have 3 routers and a firewall in my topology. I have configured OSPF and all routers works expect R3 (see in the image below)When I watch my neignbor in R3 it says :192.168.7.7 1 INIT/DROTHER 00:00:37 10.0.2...
Host Onboarding is the term used when connecting an endpoint (hosts , IOT , Other devices) to the fabric , and can be accomplished in a couple of ways.One option is the "static" approach as oppose to the dynamic and secure approach using&nbs...
good morning I have this report from users, saying that they encounter connection issue only when they are wired , but the wireless I fine. both connection are using the same path to the internet ...please advised a troubleshooting plan.
Enterprise Switching Business Unit is glad to announce Beta release 16.12.3 for all Catalyst 9200/9300/9400/9500/9600. This release is made available to allow users to test, evaluate and share feedback before General Avail...