Solved: New to SSL VPN, Can I tunnel specific networks without specifying application list with Smart tunnel...

rrobles007 · ‎09-08-2012

Hello,

I'm brand new to SSL VPN and I'm a bit lost... I've been trying to get SSL VPN going for our company and we've been asked to deploy a completely client-less solution that will allow access to our network based on subnets. Is that possible with smart-tunnels? I've tried a few different configurations and it doesnt seem to be working. It works with ANYCONNECT but we need to go clientless. They are under the impression we can do clientless access to destination networks. Is this possible?

thank you in advance..

oszkari · ‎09-09-2012

This is what you can do with a clientless solution:

Allow access to web resources (using url-list)
Allow access to TCP based application (using java port-forwarding or smart tunnels)

If you have to give access to entire subnets, then you will need to go with full SSL tunnelling which is Anyconnect.

HTH

View solution in original post

oszkari · ‎09-09-2012

This is what you can do with a clientless solution:

Allow access to web resources (using url-list)
Allow access to TCP based application (using java port-forwarding or smart tunnels)

If you have to give access to entire subnets, then you will need to go with full SSL tunnelling which is Anyconnect.

HTH

rrobles007 · ‎09-09-2012

Thank you VERY much!!! thats what I was guessing but always helps to get an experienced answser..

Peter Koltl · ‎01-22-2014

You can add subnets with smart tunnel policy for all applications if you add *.exe

New to SSL VPN, Can I tunnel specific networks without specifying application list with Smart tunnels??

Smart tunnels on Cisco ASA