Table of Contents
Advertisement
Wizards
Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote
Access
STEP 5
STEP 6
Cisco ISA500 Series Integrated Security Appliance Administrator Guide
-
Exclude LAN: If you choose Exclude Traffic, click True to deny the SSL
VPN clients to access the local LANs over the VPN tunnel, or click False
to allow the SSL VPN clients to access the local LANs over the VPN
tunnel.
•
Split DNS: Split DNS provides the ability to direct DNS packets in clear text
over the Internet to domains served through an external DNS (serving your
ISP) or through a SSL VPN tunnel to domains served by the corporate DNS.
For example, a query for a packet destined for corporate.com would go
through the tunnel to the DNS that serves the private network, while a query
for a packet destined for myfavoritesearch.com would be handled by the
ISP's DNS. By default, this feature is configured on the SSL VPN gateway and
is enabled on the client. To use Split DNS, you must also have Split Tunnel
mode configured.
To add a domain to the Cisco AnyConnect VPN Client for tunneling packets
to destinations in the private network, end the domian name in the field and
then click Add. To delete a domain, select it from the list and click Delete.
In the Zone-based Firewall Settings area, you can control the access over the
SSL VPN tunnels.
•
Click Permit to permit the access from the SSL VPN clients to the zones.
•
Click Deny to deny the access from the SSL VPN clients to the zones.
The VPN access rules that automatically generated by the zone-
NOTE
based firewall settings will be added to the firewall access rule table
with the priority higher than the default firewall ACL rules, but lower
than the custom firewall ACL rules.
Click OK to save your settings.
2
68
Hide quick links:
Advertisement
Table of Contents
