RE: enabling Local LAN access for SSL VPN (SVC) clients / ASA

From: Jason Guy (jguy) (jguy@cisco.com)
Date: Mon Oct 15 2007 - 09:57:57 ART

• Next message: Bajo: "Re: payment taken 28 days before lab"
• Previous message: John Jones: "Re: OT Re: CCIE Lab Price Increase"
• Maybe in reply to: Jason Guy (jguy): "RE: enabling Local LAN access for SSL VPN (SVC) clients / ASA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Oh, geez.. I never touched the ASA. The IOS SSLVPN and the ASA do not
share the same exact set of options from what I remember. The option
would still be related to split tunneling.

Here is a link that shows how to do it. It is not as straight forward
as the IOS SSLVPN, but it is possible. :)

http://www.cisco.com/en/US/products/ps6120/products_configuration_exampl
e09186a0080702992.shtml

Cheers,
Jason

-----Original Message-----
From: Alexei Monastyrnyi [mailto:alexeim@orcsoftware.com]
Sent: Monday, October 15, 2007 4:06 AM
To: Jason Guy (jguy)
Cc: ccielab@groupstudy.com
Subject: Re: enabling Local LAN access for SSL VPN (SVC) clients / ASA
7.2.3

Thanks mate.

This is for IOS SSL client, can't find the same for ASA...

asa(config-group-webvpn)# svc ?

config-group-webvpn mode commands/options:
  compression Configure SVC compression
  dpd-interval Configure the SVC DPD interval
  enable Enable SVC
  keep-installer Configure the SVC install enabler
  keepalive Configure the SVC keepalive
  none Disable SVC
  rekey Configure the SVC rekey
  required Enable and require SVC

A.

on 10/12/2007 8:13 PM Jason Guy (jguy) wrote:
> Alexei,
>
> Try using this command under the policy group definition:
>
> svc split exclude local-lans
>
> It will allow for the split tunneling to keep the route for the
client's
> local LAN installed. At least, that is what I remember it being used
> for, it has been a while. :)
>
> Jason
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> Alexei Monastyrnyi
> Sent: Friday, October 12, 2007 10:11 AM
> To: ccielab@groupstudy.com
> Subject: enabling Local LAN access for SSL VPN (SVC) clients / ASA
7.2.3
>
> Folks,
> I am just wondering if it is possible at all to enable it?
>
> In usual VPN client you just enable it on client side...
>
> Couldn't find anything about that in group policy.
>
> Shedding some light would be highly appreciated.
>
> A.
>
>

• Next message: Bajo: "Re: payment taken 28 days before lab"
• Previous message: John Jones: "Re: OT Re: CCIE Lab Price Increase"
• Maybe in reply to: Jason Guy (jguy): "RE: enabling Local LAN access for SSL VPN (SVC) clients / ASA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:15 ART