12-30-2014 07:21 AM - edited 02-21-2020 08:00 PM
I have AnyConnect set up on an ASA5525-X. It is working with the exception that it makes the default gateway the VPN instead of injecting routes and keeping the local gateway as the default gateway. Is there any way to do this through the client or ASA side configuration?
12-30-2014 11:44 AM
On the ASA you would need to have something like the following setup within the group-policy:
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 110
The "110" in this example refers back to an access-list 110 that specifies the networks you want to reach via the remote access VPN.
All other networks should remain reached via the default gateway that exists on the client even without the VPN.
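An added example, not part of the original answer and not Cisco tooling: a Python check over a saved configuration that reports each group-policy's split-tunnel mode and the networks its ACL sends through the VPN. The config excerpt, the group-policy names and the networks are constructed for illustration, and only standard ACLs are parsed.

```python
import ipaddress
import re

# Constructed sample: group-policy names and networks are hypothetical.
SAMPLE_CONFIG = """\
access-list 110 standard permit 10.10.0.0 255.255.0.0
access-list 110 standard permit host 192.168.50.10
group-policy GP_SPLIT internal
group-policy GP_SPLIT attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value 110
group-policy GP_FULL internal
group-policy GP_FULL attributes
 vpn-tunnel-protocol ssl-client
"""

ACL_RE = re.compile(r"access-list (\S+) standard permit (?:host (\S+)|(\S+) (\S+))$")
GP_RE = re.compile(r"group-policy (\S+) attributes$")

def parse_standard_acls(config):
    """Map ACL name -> list of permitted networks (standard ACLs only)."""
    acls = {}
    for line in config.splitlines():
        m = ACL_RE.match(line)
        if m:
            name, host, net, mask = m.groups()
            cidr = f"{host}/32" if host else f"{net}/{mask}"
            acls.setdefault(name, []).append(ipaddress.ip_network(cidr))
    return acls

def audit_split_tunnel(config):
    """Map group-policy -> (split-tunnel-policy or 'inherited', tunneled networks)."""
    acls, found, current = parse_standard_acls(config), {}, None
    for line in config.splitlines():
        m = GP_RE.match(line)
        if m:
            current = m.group(1)
            found[current] = {"policy": "inherited", "acl": None}
        elif current and line.startswith(" "):
            words = line.split() or [""]
            if words[0] == "split-tunnel-policy":
                found[current]["policy"] = words[1]
            elif words[:2] == ["split-tunnel-network-list", "value"]:
                found[current]["acl"] = words[2]
        else:
            current = None  # left the attributes sub-mode
    return {gp: (v["policy"], acls.get(v["acl"], [])) for gp, v in found.items()}

def uses_tunnel(dest, networks):
    """True if dest is in a tunneled network; otherwise it stays on the local gateway."""
    return any(ipaddress.ip_address(dest) in n for n in networks)
```

A group-policy reported as `inherited` takes its split-tunnel setting from the policy it inherits from, so check that policy as well.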
12-30-2014 04:10 PM
I did this through ASDM and once I specified the networks through a standard ACL in the ASDM it worked great. I appreciate your assistance with this, and the quick response time.
Thanks