Configuring Split Tunneling - Cisco ASA 5505 Configuration Manual
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Zone Labs Integrity Server
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
Configuring SSL VPN Connections, Advanced
The advanced options include configuring split tunneling, IE browser proxy, and group-policy related
attributes for SSL VPN/AnyConnect clients and IPsec clients.
Configuring Split Tunneling
Split tunneling lets you specify that certain data traffic is encrypted ("goes through the tunnel"), while
the remainder is sent in the clear (unencrypted). Split-tunneling network lists distinguish networks that
require traffic to go through the tunnel from those that do not require tunneling. the adaptive security
appliance makes split-tunneling decisions based on a network list, which is an ACL consisting of a list
of addresses on the private network.
Fields
•
•
•
•
•
Zone Labs Integrity Server
The Zone Labs Integrity Server panel lets you configure the adaptive security appliance to support a
Zone Labs Integrity Server. This server is part of the Integrity System, a system designed to enforce
security policies on remote clients entering the private network. In essence, the adaptive security
appliance acts as a proxy for the client PC to the Firewall Server and relays all necessary Integrity
information between the Integrity client and the Integrity server.
Cisco ASA 5500 Series Configuration Guide using ASDM
64-102
Security Context
Transparent Single
—
•
DNS Names—Specify one or more DNS names to which this policy applies.
Policy—Selects the split-tunneling policy, specifying whether to include or exclude from the tunnel
the indicated network lists. If you do not select Inherit, the default is Exclude Network List Below.
Network List—Selects the networks to which to apply the split-tunneling policy. If you do not select
Inherit, the default is --None--.
Manage—Opens the ACL Manager dialog box, in which you can configure access control lists to
use as network lists.
Intercept DHCP Configuration Message from Microsoft Clients—Reveals additional parameters
specific to DHCP Intercept. DCHP Intercept lets Microsoft XP clients use split-tunneling with the
adaptive security appliance. For Windows clients prior to XP, DHCP Intercept provides the domain
name and subnet mask.
Intercept—Specifies whether to allow the DHCP Intercept to occur. If you do not select, Inherit,
–
the default setting is No.
Subnet Mask—Selects the subnet mask to use.
–
Multiple
Context
System
—
—
Chapter 64
General VPN Setup
OL-20339-01
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
