F5F Stay Refreshed Power Users Networks Use Cisco VPN directly rather than relying on your ISP.

Use Cisco VPN directly rather than relying on your ISP.

Use Cisco VPN directly rather than relying on your ISP.

Pages (2): 1 2 Next
F
FyrewallPlayz
Junior Member
Find
29
06-15-2025, 07:18 AM
#1
You're trying to access your personal internet while connected to a VPN on your Cisco ASA 5505 device.
Reply
Reply
F
FyrewallPlayz
06-15-2025, 07:18 AM #1

You're trying to access your personal internet while connected to a VPN on your Cisco ASA 5505 device.

Reply
Reply
T
TwinDiamond
Member
Find
137
06-18-2025, 09:30 PM
#2
ip local pool vpn_users set value 10.0.1.10-10.0.1.50 mask 255.255.255.0
ipv6 local pool vpn_users_v6 specify subnet 100 object network obj-AnyconnectPool with interface 10.0.1.0/24
object network obj-AnyconnectPool-v6 define subnet [IPv6 Subnet]/[mask]
object network obj-AnyconnectPool nat (outside,outside) dynamic interface nat (inside,outside)
source static inside-out inside-out destination static obj-AnyconnectPool
obj-AnyconnectPool no-proxy-arp route-lookup access-list vpn_local standard permit [local subnets] [mask]
access-list vpn_local standard permit any4
access-list vpn_local_v6 extended permit ip [IPv6 Prefix]/[mask]
any6 group-policy DfltGrpPolicy attributes dns-server value [DNS Server IP]
vpn-tunnel-protocol set ikev2
l2tp-ipsec ssl-client split-tunnel-network-list value vpn_local split-tunnel-all-dns
enable address-pools value vpn_users
ipv6-address-pools value vpn_users_v6
group-policy vpn_users_attrib attributes dns-server value [DNS Server IP]
vpn-tunnel-protocol ssl-client split-tunnel-policy tunnelall
split-tunnel-network-list value vpn_local default-domain
value [Domain.com]
split-tunnel-all-dns enable address-pools
value vpn_users
ipv6-address-pool value vpn_users_v6
dynamic-access-policy-record DfltAccessPolicy dynamic-access-policy-record
remote-access users username set USERNAME
password set BLAH
privilege set 15
username set USERNAME
attributes vpn-group-policy vpn_users_attrib
Reply
Reply
T
TwinDiamond
06-18-2025, 09:30 PM #2

ip local pool vpn_users set value 10.0.1.10-10.0.1.50 mask 255.255.255.0
ipv6 local pool vpn_users_v6 specify subnet 100 object network obj-AnyconnectPool with interface 10.0.1.0/24
object network obj-AnyconnectPool-v6 define subnet [IPv6 Subnet]/[mask]
object network obj-AnyconnectPool nat (outside,outside) dynamic interface nat (inside,outside)
source static inside-out inside-out destination static obj-AnyconnectPool
obj-AnyconnectPool no-proxy-arp route-lookup access-list vpn_local standard permit [local subnets] [mask]
access-list vpn_local standard permit any4
access-list vpn_local_v6 extended permit ip [IPv6 Prefix]/[mask]
any6 group-policy DfltGrpPolicy attributes dns-server value [DNS Server IP]
vpn-tunnel-protocol set ikev2
l2tp-ipsec ssl-client split-tunnel-network-list value vpn_local split-tunnel-all-dns
enable address-pools value vpn_users
ipv6-address-pools value vpn_users_v6
group-policy vpn_users_attrib attributes dns-server value [DNS Server IP]
vpn-tunnel-protocol ssl-client split-tunnel-policy tunnelall
split-tunnel-network-list value vpn_local default-domain
value [Domain.com]
split-tunnel-all-dns enable address-pools
value vpn_users
ipv6-address-pool value vpn_users_v6
dynamic-access-policy-record DfltAccessPolicy dynamic-access-policy-record
remote-access users username set USERNAME
password set BLAH
privilege set 15
username set USERNAME
attributes vpn-group-policy vpn_users_attrib

Reply
Reply
A
AltijdGamen_NL
Junior Member
Find
16
06-19-2025, 01:34 AM
#3
You already have a VPN network set up. Just need guidance on connecting to your gateway.
Reply
Reply
A
AltijdGamen_NL
06-19-2025, 01:34 AM #3

You already have a VPN network set up. Just need guidance on connecting to your gateway.

Reply
Reply
I
iRaine
Posting Freak
Find
800
06-20-2025, 07:56 AM
#4
Yah, that's all the pieces you need to adjust to disable split tunneling and get it to work.
Reply
Reply
I
iRaine
06-20-2025, 07:56 AM #4

Yah, that's all the pieces you need to adjust to disable split tunneling and get it to work.

Reply
Reply
X
xBioTeK
Member
Find
136
07-03-2025, 04:07 PM
#5
It's unclear what you're asking about. Could you clarify your question?
Reply
Reply
X
xBioTeK
07-03-2025, 04:07 PM #5

It's unclear what you're asking about. Could you clarify your question?

Reply
Reply
I
IMayBeDead
Senior Member
Find
696
07-03-2025, 08:13 PM
#6
I called it that for the entire internal network. It seems to be designed so the internal network can communicate with the VPN traffic. The goal is an object network inside-out subnet 192.168.0.0/24.
Reply
Reply
I
IMayBeDead
07-03-2025, 08:13 PM #6

I called it that for the entire internal network. It seems to be designed so the internal network can communicate with the VPN traffic. The goal is an object network inside-out subnet 192.168.0.0/24.

Reply
Reply
G
gle_pip123
Junior Member
Find
2
07-05-2025, 09:33 AM
#7
Your local network is 172.16.105.x. This configuration supports the commands you mentioned for traffic control.
Reply
Reply
G
gle_pip123
07-05-2025, 09:33 AM #7

Your local network is 172.16.105.x. This configuration supports the commands you mentioned for traffic control.

Reply
Reply
D
DNDgaming
Junior Member
Find
16
07-07-2025, 07:17 AM
#8
Adjust the configuration to use an object network with the internal subnet 172.16.105.0 and a full address range of 255.255.255.0
Reply
Reply
D
DNDgaming
07-07-2025, 07:17 AM #8

Adjust the configuration to use an object network with the internal subnet 172.16.105.0 and a full address range of 255.255.255.0

Reply
Reply
T
Twerkyboy
Junior Member
Find
13
07-08-2025, 02:56 PM
#9
I updated it to my internal network, but it’s not functioning. There’s no internet connection whatsoever—neither 4G nor my personal one.
Reply
Reply
T
Twerkyboy
07-08-2025, 02:56 PM #9

I updated it to my internal network, but it’s not functioning. There’s no internet connection whatsoever—neither 4G nor my personal one.

Reply
Reply
P
PadnD
Member
Find
56
07-09-2025, 05:11 PM
#10
I believe I missed something in the config. Please add these lines:
object network obj-AnyconnectPool nat (outside,outside) dynamic interface dynamic-access-policy-record DfltAccessPolicy dynamic-access-policy-record RemoteAccessUsers username USERNAME password BLAH privilege 15 username USERNAME attributes vpn-group-policy vpn_users_attrib vpn-tunnel-protocol ssl-client service-type remote-access tunnel-group vpn_users type remote-access tunnel-group vpn_users general-attributes address-pool vpn_users ipv6-address-pool vpn_users_v6 default-group-policy vpn_users_attrib
Reply
Reply
P
PadnD
07-09-2025, 05:11 PM #10

I believe I missed something in the config. Please add these lines:
object network obj-AnyconnectPool nat (outside,outside) dynamic interface dynamic-access-policy-record DfltAccessPolicy dynamic-access-policy-record RemoteAccessUsers username USERNAME password BLAH privilege 15 username USERNAME attributes vpn-group-policy vpn_users_attrib vpn-tunnel-protocol ssl-client service-type remote-access tunnel-group vpn_users type remote-access tunnel-group vpn_users general-attributes address-pool vpn_users ipv6-address-pool vpn_users_v6 default-group-policy vpn_users_attrib

Reply
Reply
Pages (2): 1 2 Next