VPN

8

Configuring SSL VPN

- Exclude Local LAN: If you choose Exclude Traffic, check the box to permit remote users to access their local LANs without passing through the VPN tunnel, or uncheck the box to prevent remote users from accessing their local LANs without passing through the VPN tunnel.

NOTE: To exclude local LANs, make sure that the Exclude Local LAN feature is enabled on both the SSL VPN server and the AnyConnect clients.

Split DNS: Split DNS can direct DNS packets in clear text over the Internet to domains served through an external DNS (serving your ISP) or through the VPN tunnel to domains served by the corporate DNS.

For example, a query for a packet destined for corporate.com would go through the VPN tunnel to the DNS that serves the private network, while a query for a packet destined for myfavoritesearch.com would be handled by the ISP's DNS. To use Split DNS, you must also have split tunneling configured.

To add a domain for tunneling packets to destinations in the private network, enter the IP address or domain name in the field and click Add. To delete a domain, select it and click Delete.

STEP 6 In the Zone-based Firewall Settings area, you can control access from the SSL VPN clients to the zones over the VPN tunnels. Click Permit to permit access, or click Deny to deny access.

NOTE: The VPN firewall rules that are automatically generated by the zone-based firewall settings are added to the list of firewall rules with a priority higher than the default firewall rules, but lower than the custom firewall rules.

STEP 7 Click OK to save your settings.

STEP 8 Click Save to apply your settings.
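The Split DNS behavior described above can be modeled to audit a domain list before it is deployed. This is an added example, not code from the Cisco guide: the function names, the `lab.example` suffix and the sample queries are constructed, it covers domain-name entries only, and it assumes a name matches an entry when it equals the entry or is a subdomain of it (the page does not state the appliance's exact matching rule).

```python
# Added example: models which resolver sees a DNS query under Split DNS and
# lists internal names that would leave in clear text to the ISP's DNS.
# Assumption: label-boundary suffix matching (entry itself or any subdomain).

def normalize(name):
    """Lower-case a DNS name and drop surrounding space and the root dot."""
    return name.strip().lower().rstrip(".")

def covered_by(qname, domains):
    """True if qname equals one of domains or is a subdomain of one."""
    wanted = {normalize(d) for d in domains}
    labels = normalize(qname).split(".")
    # Compare every suffix made of whole labels, so "notcorporate.com"
    # never matches the entry "corporate.com".
    return any(".".join(labels[i:]) in wanted for i in range(len(labels)))

def resolver_for(qname, split_domains, split_tunneling=True):
    """Return 'tunnel' (corporate DNS) or 'clear' (ISP DNS) for one query."""
    if not split_tunneling:
        raise ValueError("Split DNS requires split tunneling to be configured")
    return "tunnel" if covered_by(qname, split_domains) else "clear"

def clear_text_leaks(queries, split_domains, internal_suffixes):
    """Internal names that no Split DNS entry covers, so they go to the ISP."""
    return [normalize(q) for q in queries
            if covered_by(q, internal_suffixes)
            and resolver_for(q, split_domains) == "clear"]

# Constructed sample data (hypothetical; not taken from a real deployment).
SPLIT_DOMAINS = ["corporate.com"]                   # entries added in the GUI
INTERNAL_SUFFIXES = ["corporate.com", "lab.example"]  # admin's own inventory
SAMPLE_QUERIES = [
    "intranet.corporate.com",
    "CORPORATE.COM.",
    "myfavoritesearch.com",
    "notcorporate.com",
    "build.lab.example",
]

if __name__ == "__main__":
    for q in SAMPLE_QUERIES:
        print(f"{q:26} -> {resolver_for(q, SPLIT_DOMAINS)}")
    print("internal names sent in clear text:",
          clear_text_leaks(SAMPLE_QUERIES, SPLIT_DOMAINS, INTERNAL_SUFFIXES))
```

Any name the audit returns is an internal hostname that the ISP's resolver would see; adding its domain to the Split DNS list moves those queries into the tunnel.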

Cisco ISA500 Series Integrated Security Appliances Administration Guide

381
