
SSL VPN IOS no split-tunnel with internet

Aaron D
Level 1

Configuration below. I have CEF turned off, trying to get internet access for SSL VPN clients without split-tunnel. How do I accomplish this with IOS VPN?

Thanks.

webvpn gateway gateway_1
ip address  
http-redirect port 80
ssl trustpoint TP-self-signed-614248518
inservice
!
webvpn install svc flash:/webvpn/anyconnect-win-2.4.1012-k9.pkg sequence 1
!
webvpn context 2821ssl
secondary-color white
title-color #CCCC66
text-color black
ssl authenticate verify all
!
!
policy group policy_1
   functions svc-enabled
   svc address-pool "SSLVPNPOOL"
   svc keep-client-installed
    virtual-template 3
default-group-policy policy_1
aaa authentication list ciscocp_vpn_xauth_ml_1
gateway gateway_1
inservice

1 Reply

Jennifer Halim
Cisco Employee

You would need to configure "ip nat inside" on the virtual template for the SSL VPN. The access list that matches the NAT translation should deny traffic from the internal network towards the IP pool subnet, and permit the IP pool subnet to any (internet).
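
The NAT setup described in the reply, written out as an added example that is not part of the original thread or the poster's router configuration. The subnets, the outside interface name and the ACL name SSLVPN-NAT are assumed placeholders; only virtual-template 3 and the pool name SSLVPNPOOL come from the posted configuration.

```cisco
! Assumed values (constructed for this example, not from the thread):
!   addresses handed out by SSLVPNPOOL : 192.168.50.0/24
!   internal network behind the router : 192.168.1.0/24
!   Internet-facing interface          : GigabitEthernet0/0
!
! The virtual template referenced by "virtual-template 3" in policy_1.
! Only the NAT line is added; its existing settings stay as they are.
interface Virtual-Template3
 ip nat inside
!
! The Internet-facing interface is the NAT outside.
interface GigabitEthernet0/0
 ip nat outside
!
! ACL that selects traffic for translation:
!   line 1: internal network -> VPN pool is excluded, so return traffic
!           to connected clients keeps its real source address
!   line 2: VPN pool -> anything else (the Internet) is translated
ip access-list extended SSLVPN-NAT
 deny   ip 192.168.1.0 0.0.0.255 192.168.50.0 0.0.0.255
 permit ip 192.168.50.0 0.0.0.255 any
!
! PAT the matched traffic to the address of the outside interface.
ip nat inside source list SSLVPN-NAT interface GigabitEthernet0/0 overload
```

With a client connected and browsing, `show ip nat translations` should list entries whose inside local address is in the pool range.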