PBR in Remote Access VPN

fatalXerror
Level 5

Hi, is it possible to have policy-based routing in remote-access VPN? For example, if my IP is 1.1.1.1, go out to interface-A; else if I got the IP 2.2.2.2, go to interface-B.

3 Replies

Francesco Molino
VIP Alumni
Hi

By remote access you mean client VPN, right?
Can you detail what you want to achieve? PBR won't work on remote access but maybe there's another way if you explain your goal.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

I have the same requirement.

AnyConnect VPN user terminating on outside1 interface of firewall. Default route is pointed towards outside1.

If AnyConnect user wants to access A then send to outside1 interface, and if accessing B then send that traffic to outside2.

Cannot use simple routing here, as internal users will always use outside1 for all the traffic (A and B). So need to use PBR somehow to achieve this.

Check this point:

Config two tunnel-groups, one for each pool, and enable AnyConnect on OUT1 & OUT2.

Now if AnyConnect accesses OUT1 and gets an IP, the AnyConnect will appear in the route table as directly connected to OUT1, so traffic will always go through OUT1.

If AnyConnect accesses OUT2 and gets an IP, the AnyConnect will appear in the route table as directly connected to OUT2, so traffic will always go through OUT2.