Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
131
Views
0
Helpful
1
Replies

Filtered traffic to AnyConnect

emilmoe86
Level 1
Level 1

‎05-06-2015 02:55 AM - edited ‎02-21-2020 08:13 PM

Is it possible to make rules with Cisco AnyConnect? I want it only to send some traffic through VPN. For example I have some websites I can only access through VPN, but I don't want to log on to VPN for every site.

Labels:
0 Helpful
1 Reply 1

Adeolu Owokade
Level 1
Level 1

‎05-06-2015 08:24 PM

Hi,

You need to configure split tunneling. This link should help: http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_groups.html#wp1053494

An example configuration on the Cisco ASA is as follows:

access-list NETWORKS-TO-PERMIT standard permit 192.168.10.0 255.255.255.0

!

group-policy VPN-GRP-POLICY attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value NETWORKS-TO-PERMIT

!

tunnel-group VPN-TUNNEL-GRP general-attributes
 default-group-policy VPN-GRP-POLICY

You can also specify networks to exclude using split-tunnel-policy excludespecified

0 Helpful
Customers Also Viewed These Support Documents