10-27-2018 04:18 AM
Hi, is it possible to have policy-based routing in remote-access VPN? For example, if my IP is 1.1.1.1, go out to interface-A; else if I got the IP 2.2.2.2, go to interface-B.
10-27-2018 06:49 PM
05-27-2022 02:36 AM
I have the same requirement.
AnyConnect VPN user terminating on outside1 interface of firewall. Default route is pointed towards outside1.
If AnyConnect user wants to access A then send to outside1 interface, and if accessing B then send that traffic to outside2.
Cannot use simple routing here as internal users will always use outside1 for all the traffic (A and B), so need to use PBR somehow to achieve this.
05-28-2022 09:55 AM
Check this point:
Configure two tunnel-groups, one for each pool, and enable AnyConnect on OUT1 & OUT2.
Now if AnyConnect connects to OUT1 and gets an IP, the AnyConnect client will appear in the route table as directly connected to OUT1, so traffic will always go through OUT1.
If AnyConnect connects to OUT2 and gets an IP, the AnyConnect client will appear in the route table as directly connected to OUT2, so traffic will always go through OUT2.