05-30-2017 12:40 PM
I'm setting up a site to site VPN and I have allowed split tunnel on a Cisco ASA 5506-x. When I connect through the Anyconnect on my PC, the internet connection works, but I am connecting from a PC on a xx.xxx.xxx.235 network VPN'ing into a xx.xxx.xxx.234 network and my ip after VPN'ing is still xx.xxx.xxx.235. I need it to to be xx.xxx.xxx.234 because that's our whole reason for setting up a VPN in the first place. How do I fully VPN into another network and inherit its public ip address?
Solved! Go to Solution.
05-31-2017 12:41 AM
You need to use full tunnel (not split tunnel) in order to have your PC appear as the VPN headend public IP. You then also need a nat (outside,outside) rule for your remote access VPN traffic.
05-31-2017 12:41 AM
You need to use full tunnel (not split tunnel) in order to have your PC appear as the VPN headend public IP. You then also need a nat (outside,outside) rule for your remote access VPN traffic.
05-31-2017 11:45 AM
Thank you. I think this is what I was missing. Do you know of any document or video I can follow to change my split tunnel into a full tunnel?
05-31-2017 08:23 PM
You might have a look at this blog:
http://www.dasblinkenlichten.com/full-tunnel-anyconnect-with-internet-hairpin/
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide