Solved: Re:VPN split tunneling question???????

juancarlosmartinez · ‎06-01-2012

Hi All

Can somebody tell me what options I have, before I use ASA Split tunneling .Thanks

I dont want to use the split tuneeling as last resorce.

thanks

mikull.kiznozki · ‎06-02-2012

we could also use a vpn filter to control the traffic flow as per acl's on your ipsec tunnel. that imo is the best way to control the traffic!

View solution in original post

Julio Carvajal · ‎06-01-2012

Hello Juan Carlos,

The thing is that as long as you do not use the Split tunneling feature all traffic will be tunneled.

So the options you have are:

1-Tunnel all traffic

2- Tunnel specific traffic (Split tunnel policy)

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Javier Portuguez · ‎06-01-2012

Hi,

In addition to the previous post you could also configure exlude-specified, which allows you to route all traffic thru the tunnel except for specific networks. A pretty common approach of this implementation is called "LOCAL LAN ACCESS".

Please let us know if you have any further questions.

Sent from Cisco Technical Support Android App

mikull.kiznozki · ‎06-02-2012

we could also use a vpn filter to control the traffic flow as per acl's on your ipsec tunnel. that imo is the best way to control the traffic!

Javier Portuguez · ‎06-02-2012

Hi,

I agree with Mikull's post, the VPN filter is a powerful tool, to limit VPN access.

Sent from Cisco Technical Support Android App

juancarlosmartinez · ‎06-04-2012

Thanks Guys so much for the help......Is weel appriciated