cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
359
Views
0
Helpful
1
Replies

ASA Split-Tunnel ACL

rioneljeudy
Level 1
Level 1

Cisco ASA.

For example, I have the following subnet in the split-tunnel ACL 192.168.0.0/16. I need to made an exception to remove 192.168.89.0/24 in the Spli-tunnel ACL - What is the best way to do so?

1 Accepted Solution

Accepted Solutions

rvarelac
Level 7
Level 7

Hi rioneljeudy , 

You can limit the subnets on the ACL used for the split-tunnel for example change the /16 for something more specific or apply a VPN filter to the policy. Check an example on the following link:

http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/99103-pix-asa-vpn-filter.html

Hope it helps

-Randy-

View solution in original post

1 Reply 1

rvarelac
Level 7
Level 7

Hi rioneljeudy , 

You can limit the subnets on the ACL used for the split-tunnel for example change the /16 for something more specific or apply a VPN filter to the policy. Check an example on the following link:

http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/99103-pix-asa-vpn-filter.html

Hope it helps

-Randy-