Tuesday, 15 July 2014

ASA 5505: AnyConnect Split Tunnel VPN

From the ASDM, configure the following:
  • Click 'Configuration'
  • 'VPN'
  • 'General'
  • Then 'Group Policy'
 
  • Select the policy for which you want to enable local LAN access, then click 'Edit'.
  • Click the 'Client Configuration' tab
  • Untick the 'Inherit' box for 'Split Tunnel Policy' and select 'Tunnel Network List Below'
  • Untick the 'Inherit' box for 'Split Tunnel Network List' and click 'manage'
 
  • Next click 'Add' then 'Add ACL'
  • Enter a name for the ACL and press 'OK'
  • Now 'Add ACE'
  • Permit the IP subnet of your LAN
  • Press 'OK' twice
  • Make sure that your ACL is selected for 'Split Tunnel Network List'
  • Press 'OK' and send commands to ASA

In CLI mode, enter the following command:





Remember to save your configuration.
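
To check that the saved configuration matches the ASDM steps above, the script below (an added example, not part of the original post) parses running-config text and flags group policies whose split tunnel is not enabled, points at an undefined ACL, or uses an ACL that permits any. The sample configuration and all policy and ACL names are constructed placeholders.

```python
import ipaddress
import re

# Constructed sample of running-config lines; all names and subnets are placeholders.
SAMPLE_CONFIG = """\
access-list SPLIT_LAN standard permit 192.168.1.0 255.255.255.0
access-list SPLIT_WIDE standard permit any
group-policy GP_STAFF attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_LAN
group-policy GP_WIDE attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_WIDE
"""

def parse_acls(config):
    """Map each standard ACL name to the networks it permits ('any' becomes 0.0.0.0/0)."""
    acls = {}
    for name, target in re.findall(r"^access-list (\S+) standard permit (.+)$", config, re.M):
        words = target.split()
        special = {"any": "0.0.0.0/0", "any4": "0.0.0.0/0", "host": words[-1] + "/32"}
        cidr = special.get(words[0], "/".join(words))  # otherwise: address + dotted netmask
        acls.setdefault(name, []).append(ipaddress.ip_network(cidr, strict=False))
    return acls

def audit_split_tunnel(config):
    """Return {group_policy: [issues]}; an empty list means the split tunnel looks as intended."""
    acls, policies, current = parse_acls(config), {}, None
    for line in config.splitlines():
        header = re.match(r"group-policy (\S+) attributes", line)
        if header:
            current = policies.setdefault(header.group(1), {})
        elif line.startswith(" ") and current is not None:
            key, _, value = line.strip().partition(" ")
            current[key] = value  # indented lines are attributes of the open policy
        else:
            current = None
    report = {}
    for name, attrs in policies.items():
        mode = attrs.get("split-tunnel-policy", "inherited")
        acl = attrs.get("split-tunnel-network-list", "value (none)").split()[-1]
        issues = report.setdefault(name, [])
        if mode != "tunnelspecified":
            issues.append(f"split-tunnel-policy is {mode}, not tunnelspecified")
        elif acl not in acls:
            issues.append(f"network list {acl} is not a defined standard ACL")
        elif any(net.prefixlen == 0 for net in acls[acl]):
            issues.append(f"ACL {acl} permits any, which covers every destination")
    return report
```

Feed it the text of `show running-config` saved to a file; each policy maps to a list of issues, and an empty list means the policy tunnels only the subnets named in its ACL.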

Verify


I've completed the following on my Android phone. To download the client, navigate to https://youripaddress

  • Add your profile and click the slider

 
  • The ASA is using a self-signed certificate, so you can ignore this warning.

 
  • Select your VPN group and enter your credentials.

 
  • As long as your credentials are correct, it should work.
  • Test the internet connection

References:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/70917-asa-split-tunnel-vpn-client.html#configasa
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_27728401.html

2 comments:

  1. Great things you’ve always shared with us. Just keep writing this kind of posts. The time which was wasted in traveling for tuition now it can be used for studies. Thanks vpn
  2. Positive site, where did u come up with the information on this posting? I have read a few of the articles on your website now, and I really like your style. Thanks a million and please keep up the effective work. vpn services