Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
454
Views
0
Helpful
1
Replies

Cisco ASA AnyConnect Split and Tunnel All together

ivan.martin
Level 1
Level 1

‎08-12-2021 08:35 PM

Hi

I have a Cisco ASA with vpn ssl anyconnect. We need to do split tunnel and tunnel all in the firewall for the same pool address and for the same interface outside and for the same group-alias.

All is working ok with split tunnel but my issue is for tunnel all. I should redirect  internet traffic for anyconnect client users to another external firewall (Palo Alto)  using another interface in the Cisco ASA. 

I was thinking in PBR. 

Perhaps, someone will have any idea about this case?

Regards, Ivan. 

 

0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎08-13-2021 12:10 AM - edited ‎08-13-2021 12:18 AM

@ivan.martin 

You can use a tunneled route for that decrypted VPN traffic (configured in addition to the default route)

 

route <if_name> 0.0.0.0 0.0.0.0 <gateway_ip> tunneled

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents