Can a Cisco ASA Site-to-site VPN configuration use split-tunneling ?
Posted on 2016-09-25
Hi all -
I have a pair of Cisco ASA 5505s at two different physical locations and I'd like to setup a site-to-site VPN between them. I am not knowledgeable with CLI but I know my way around ASDM fairly well. When I use the IPSec VPN Wizard in ASDM, I can easily get the two sites talking to each other through the VPN tunnel. But, when I do so the users at each end lose their Internet access.
I am almost certain this is some kind of NAT issue. My best guess based on my own knowledge and some searching is that traffic coming from the inside interface intended for the Internet is not being NAT'ed to the outside interface. if this were a remote user VPN with client software, I could setup split-tunneling. But, I'm not sure if that option exists for site-to-site VPNs.
Is there a way I can get around this problem and still use ASDM to configure my tunnel?
Any help would be greatly appreciated. Thanks.