dufff

asked on 

Cisco VPN Client

Is it possible to have one user on the Cisco VPN client tunnel all internet requests through the tunnel instead of their local network?
VPN, Internet Protocol Security, Network Architecture

RPPreacher

Yes.  It is possible.
dufff

ASKER

Can you explain how to do it? We have a Cisco ASA 5520 that terminates the VPN clients.
RPPreacher

Change ACL for crypto match to all traffic (0.0.0.0 0.0.0.0), then

same-security-traffic permit intra-interface

To enable hairpinning
dufff

ASKER

Will this send all clients' web traffic through the tunnel? I am just looking to have one client's web traffic go through the tunnel and all the rest through their own network.
RPPreacher

Yes.  I doubt this is possible for just one client.

How do you imagine the ASA will identify this client?  Source IP?  Do they always hit the VPN from one location?

If the one client needs this, you could give them a small ASA and create a tunnel to that ASA that handles all the traffic.
dufff

ASKER

Yes, it would be from the same location. If the IP is always the same, could it be configured on the ASA?
RPPreacher

Probably not with the client but with an ASA on each side, yes.
ArneLovius

I presume that this is the IPSec client, not the AnyConnect client.

You need to create a new group for this user, and then not enable split tunnelling on that group.

Are you configuring this through ASDM or the CLI?
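The approach suggested in the thread (a separate group for the one user with split tunnelling left off, plus hairpinning on the ASA), written out as an added CLI example that is not from any poster. It assumes ASA 8.4 or later syntax and an outside interface named `outside`; every name, address and key is a hypothetical placeholder.

```cisco
! Added example, not from the thread. Names, addresses and the key are
! hypothetical placeholders; syntax assumes ASA 8.4 or later.

! Address pool used only by the full-tunnel group
ip local pool FULL-TUNNEL-POOL 10.99.0.10-10.99.0.20 mask 255.255.255.0

! Group policy with split tunnelling off: all client traffic enters the tunnel
group-policy FULL-TUNNEL-GP internal
group-policy FULL-TUNNEL-GP attributes
 vpn-tunnel-protocol ikev1
 split-tunnel-policy tunnelall
 dns-server value 192.0.2.53

! For contrast, the shape of a split-tunnel policy other users would keep
! (SPLIT-ACL is a hypothetical standard ACL listing the internal networks):
! group-policy SPLIT-GP attributes
!  split-tunnel-policy tunnelspecified
!  split-tunnel-network-list value SPLIT-ACL

! Tunnel group the one user enters as the group name in the IPSec client
tunnel-group FULL-TUNNEL type remote-access
tunnel-group FULL-TUNNEL general-attributes
 address-pool FULL-TUNNEL-POOL
 default-group-policy FULL-TUNNEL-GP
tunnel-group FULL-TUNNEL ipsec-attributes
 ikev1 pre-shared-key <GROUP-KEY-PLACEHOLDER>

! Pin an existing local user to this group so other groups are refused
username fulltunnel-user attributes
 group-lock value FULL-TUNNEL

! Internet-bound client traffic enters and leaves on the outside interface,
! so intra-interface traffic must be permitted and the pool translated
same-security-traffic permit intra-interface
object network FULL-TUNNEL-POOL-NET
 subnet 10.99.0.0 255.255.255.0
 nat (outside,outside) dynamic interface
```

With this in place the user's internet traffic is subject to the ASA's outbound policy and logging, so any filtering or inspection applied to internal users should be checked against the new pool as well.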
dufff

ASKER

ASDM
ASKER CERTIFIED SOLUTION
ArneLovius
