Split Tunneling
One other option that applies to full-tunnel solutions for both Cisco AnyConnect Secure Mobility Client and IPsec remote-access clients is the ability to tell that remote device to send traffic over the IPsec or SSL tunnel only if the packets are destined to a specific subnetwork or subnetworks at the headquarters’ site. By doing this, the customer at a remote location can directly send out to the Internet to get responses from public servers and at the same time reach remote servers behind the ASA using the VPN. Without split tunneling, all IP traffic leaving the client’s machine goes through the tunnel to the ASA (regardless of the destination), and if those resources being sought are not behind the ASA, the ASA also needs to ...
Get Santos:CCNA Sec 210-260 OCG now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
