Remote access w/o split tunneling using external DNS
I've set up a remote access group for Anyconnect on a 5510 running 8.4.5. Our company security policy prohibits split tunneling, but this particular location has no internal DNS (so I have to use a public DNS like google or something). How do I get this to work, I'm assuming I need to do a NAT exemption but I'm not sure how this would look, especially under 8.4.5.
This will allow the traffic to take a "U-turn" on the ASA "outside" interface and head back to the Internet.
The NAT configurations format depends on your current NAT configuration. It should work with the above but there is always a possibility that some current NAT configuration might cause problems for it or override it.
Let me know if I understood your situation correctly.
If this solved your problem, remember to mark the question is answered.
Hello All, i have two vm firepower as HA and they are working fine as HA the traffics going through fin but there is a red mark shows on the HA, can someone tell me what does that mean please? This only appears on the HA not in individual device...
This event had place on Thursday 23rd, January at 10hrs PDT
Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active ro...
Securing What's Now and What's Next. With our annual global survey of 2,800 security leaders, we dove deep to compile key benchmark statistics. The 2020 CISO Benchmark Report provides valuable takeaways and data on the most pressing cybersecurity to...
I have 2 Firepower module (ASA 5525) with Malware and IPS licence. Recently i changed the Malware policy action set to "Block Malware" and "Reset Connection". How to log the event if my policy blocked any files? Please find the attached screen shot f...
Hi, We have ISE v2.4 installed in production for only 2 month now. we are integrating anyconnect for posturing on all end users machine. I want to get the report or statistics of all the machines on which anyconnect client is installed.