Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1386
Views
0
Helpful
3
Replies

Split tunneling based on Dynamic Access policy

piotr.witkowski
Level 1
Level 1

‎05-26-2011 01:30 AM

Hi,

I am trying figure out if it is possible at all to apply "split tunneling" based on dynamic access policy result.

Lets imagine situation where:

1. Cisco Secure Desktop pre-login policy is applied.

2. Based on CSD result the dynamic access policy can enforce specific access list.

I woule like also based on Cisco Secure Desktop result assign or not assign split tunneling to particular users.

BR

Piotr Witkowski

Labels:
0 Helpful
3 Replies 3

Yudong Wu
Level 7
Level 7

‎05-26-2011 09:15 AM

Split tunneling is the attribute in group-policy.

DAP can overwirte some attribute in group-policy but as far as I know, it could not do anything with split-tunneling.

If you would like to control the access, you can set ACL filter in DAP.

0 Helpful

piotr.witkowski
Level 1
Level 1
In response to Yudong Wu

‎05-26-2011 09:41 AM

Hi Yudong,

This is the point of problem.

I need assign user to group-policy based on results of Cisco Secure Desktop pre-check.

I thought i can achieve this by DAP but it seems DAP has limited functionality and as you mentioned can overwite only selected atributes.

Do you have another idea how to assing Split Tunneling atribute dynamicaly based on Cisco Secure Desktop result ?

General idea is assing split tunneling ON when user meets security criteria and assign split tunneling OFF when user doesnt meet security criteria.

BR

Piotr Witkowski

0 Helpful

Yudong Wu
Level 7
Level 7
In response to piotr.witkowski

‎05-26-2011 03:51 PM

I don't see any workaround for this so far.

This feature has been requested in the following bug but unfortunately it is not fixed yet.

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi54718

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents