ASA/PIX, IDS, IPS, VPN, Cisco Secure ACS, AAA, ISE.
tangoseal
Member
Posts:
185
Joined:
Tue Apr 29, 2008 7:22 pm

Pulling my hair out on this one... How to force tunnel ?

Wed May 30, 2012 11:55 pm

I have my Router, not asa, with IOS Easy VPN Server established.

If I use split tunneling my clients can access the net all day long and access hosts and resources over the VPN on the other side of the network as if it were plugged into the lan.

The hard part I cant figure out is how to force tunnel. I want all internet access to go through the router and not to split tunnel in addition I want to retain the ability to access local resources as if I were plugged into the LAN. I have security reasons for doing this and I am not worried about a little extra load on the router.

Let me know where to start looking. I can provide configs if necessary. If I do be warned I am trying to learn what all this nifty Cisco Config Pro GUI can do so my config is gonna be full of all kind of stuff that is messy. I wont post unless asked.

I am hoping there is a simple basic solution or idea one can point me towards instead of having to dig around configs all night long.
Awesomesauce!!!!

tangoseal
Member
Posts:
185
Joined:
Tue Apr 29, 2008 7:22 pm

Re: Pulling my hair out on this one... How to force tunnel ?

Thu May 31, 2012 9:35 pm

I have decided that I thought I understood VPN really well but now I realize that I am going to study hardcore on VPN all over again. It is probably one stupid little ACL or routing statement somewhere thats causing all of my headache.
Awesomesauce!!!!

'

Return to Cisco Security

Who is online

Users browsing this forum: No registered users and 20 guests