The situation is that the ASA is in a country that's blocking sites on
the Internet, I'd like to give the users at that office access to the
websites, pretty much like a proxy but encrypted.
So I guess my question is, can you only use an extended ACL or is
there a way to classify a URL for split tunneling to be encrypted and
sent through the tunnel
On Thu, Jan 24, 2013 at 6:38 PM, Jay McMickle <jay.mcmickle_at_yahoo.com> wrote:
> Not sure I understand. Normally you encrypt data inside of the tunnel, and don't include traffic like the Internet. Do you have the Internet on the other side of a tunnel, which is why you need this? Maybe you want to encrypt data to another Datacenter where your main Internet is filtered and logged?
>
> Sorry, being an Engineer, I over think when questions without full explanation are asked. Then again, I lose focus when the explanations are too long. You can't win. LOL.
>
> Explain further...
>
> Regards,
> Jay McMickle- CCIE #35355 (RS)
> Sent from my iPhone 5
>
> On Jan 24, 2013, at 4:29 PM, Group Study <gs_at_netengineer.org> wrote:
>
>> Hi Group Study,
>>
>> I understand that for split tunneling you use an extended ACL but is
>> there way to tunnel access for specific websites? I guess, you could
>> put the public IP of the websites in the destination part of the
>> extended ACL but is there a cleaner solution?
>>
>> Thanks.
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Jan 24 2013 - 18:44:44 ART
This archive was generated by hypermail 2.2.0 : Sun Feb 03 2013 - 16:27:18 ART