cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
640
Views
0
Helpful
3
Replies

Split tunneling based on Dynamic Access policy

Hi,

I am trying figure out if it is possible at all to apply "split tunneling" based on dynamic access policy result.

Lets imagine situation where:

1. Cisco Secure Desktop pre-login policy is applied.

2. Based on CSD result the dynamic access policy can enforce specific access list.

I woule like also based on Cisco Secure Desktop result assign or not assign split tunneling to particular users.

BR

Piotr Witkowski

3 REPLIES 3
Rising star

Re: Split tunneling based on Dynamic Access policy

Split tunneling is the attribute in group-policy.

DAP can overwirte some attribute in group-policy but as far as I know, it could not do anything with split-tunneling.

If you would like to control the access, you can set ACL filter in DAP.

Re: Split tunneling based on Dynamic Access policy

Hi Yudong,

This is the point of problem.

I need assign user to group-policy based on results of Cisco Secure Desktop pre-check.

I thought i can achieve this by DAP but it seems DAP has limited functionality and as you mentioned can overwite only selected atributes.

Do you have another idea how to assing Split Tunneling atribute dynamicaly based on Cisco Secure Desktop result ?

General idea is assing split tunneling ON when user meets security criteria and assign split tunneling OFF when user doesnt meet security criteria.

BR

Piotr Witkowski

Highlighted
Rising star

Re: Split tunneling based on Dynamic Access policy

I don't see any workaround for this so far.

This feature has been requested in the following bug but unfortunately it is not fixed yet.

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi54718