06-15-2007 09:52 AM - edited 02-21-2020 03:06 PM
I have an ASA 5510 appliance running 7.2 (ASDM 5.2) terminating Cisco VPN Client 4.8 users.
Everything works, meaning the Client can access corporate resources. However, due to "split-tunneling" being disabled (per corporate security policy) I will need to route all Internet-bound traffic through the appliance.
How is this done?
I have tried changing the tunnel default gateway to the 'inside' interface of the ASA. I have also added NAT entries for the VPN Client pools to be translated to a different IP Address on the 'outside' interface but it still does not work.
Thanks in advance.
--re
07-04-2007 03:56 PM
I'm not sure if there is any other way, but if you use a proxy in your internal network and configure it on the remote workers, it should do the trick.
Cheers,
Nuno
07-04-2007 05:32 PM
Sure this is possible. For example...
same-security-traffic permit intra-interface
ip local pool vpnpool 192.168.10.1-192.168.10.254
global (outside) 1 interface
nat (outside) 1 192.168.10.0 255.255.255.0
Here is the document that will also help if needed.
Please rate helpful posts.
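A small check, added here as an example (not from the thread or from Cisco), that reads ASA 7.x-style configuration text and reports which pieces of the answer above are missing: the intra-interface permit and a nat/global pair on the outside interface covering each VPN pool. The function name `audit_hairpin` and the sample config are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the four configuration lines from the answer above.
SAMPLE_CONFIG = """\
same-security-traffic permit intra-interface
ip local pool vpnpool 192.168.10.1-192.168.10.254
global (outside) 1 interface
nat (outside) 1 192.168.10.0 255.255.255.0
"""

def audit_hairpin(config, iface="outside"):
    """Return a list of findings; an empty list means the hairpin pieces are present."""
    findings = []
    lines = [line.strip() for line in config.splitlines()]
    esc = re.escape(iface)

    # Without this, the ASA will not send traffic back out the interface it arrived on.
    if "same-security-traffic permit intra-interface" not in lines:
        findings.append("missing: same-security-traffic permit intra-interface")

    # NAT ids that have a 'global' statement on the same interface.
    global_ids = set()
    for line in lines:
        m = re.fullmatch(rf"global \({esc}\) (\d+) \S.*", line)
        if m:
            global_ids.add(m.group(1))

    # Networks matched by 'nat (iface) <id> <net> <mask>' whose id has a global.
    natted = []
    for line in lines:
        m = re.fullmatch(rf"nat \({esc}\) (\d+) (\S+) (\S+).*", line)
        if m and m.group(1) in global_ids:
            try:
                natted.append(ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}", strict=False))
            except ValueError:
                continue  # e.g. 'nat ... access-list NAME', not handled in this example

    # Every VPN address pool must fall inside one of those networks.
    for line in lines:
        m = re.fullmatch(r"ip local pool (\S+) (\S+)-(\S+)(?: mask \S+)?", line)
        if not m:
            continue
        first, last = ipaddress.ip_address(m.group(2)), ipaddress.ip_address(m.group(3))
        if not any(first in net and last in net for net in natted):
            findings.append(f"pool {m.group(1)}: no nat/global pair on ({iface}) covers {first}-{last}")
    return findings
```
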