Casio CasioIsa 550 With Wifi 3y Security ISA550WBUN3K9 User Manual
Configuration Wizards
Using the Remote Access VPN Wizard
Cisco ISA500 Series Integrated Security Appliances Administration Guide
64
2
STEP 12
In the Split Tunneling Settings area, enter the following information:
Split tunneling permits specific traffic to be carried outside of the SSL VPN tunnel.
Traffic is either included (resolved in tunnel) or excluded (resolved through the ISP
or WAN connection). Tunnel resolution configuration is mutually exclusive. An IP
address cannot be both included and excluded at the same time.
Traffic is either included (resolved in tunnel) or excluded (resolved through the ISP
or WAN connection). Tunnel resolution configuration is mutually exclusive. An IP
address cannot be both included and excluded at the same time.
•
Enable Split Tunneling: By default, all of traffic from the host is directed
through the tunnel. Check this box to enable the split tunneling feature so that
the tunnel is used only for traffic that is specified by the client routes.
through the tunnel. Check this box to enable the split tunneling feature so that
the tunnel is used only for traffic that is specified by the client routes.
•
Split Selection: If you enable split tunneling, choose one of the following
options:
options:
-
Include Traffic: Allows you to add the client routes on the SSL VPN client
so that only traffic to the destination networks can be redirected through
the SSL VPN tunnels. To add a client route, enter the destination subnet
to which a route is added on the SSL VPN client in the Address field and
the subnet mask for the destination network in the Netmask field, and
then click Add.
so that only traffic to the destination networks can be redirected through
the SSL VPN tunnels. To add a client route, enter the destination subnet
to which a route is added on the SSL VPN client in the Address field and
the subnet mask for the destination network in the Netmask field, and
then click Add.
-
Exclude Traffic: Allows you to exclude the destination networks on the
SSL VPN client. Traffic to the destination networks is redirected using the
SSL VPN client’s native network interface (resolved through the ISP or
WAN connection). To add a destination subnet, enter the destination
subnet to which a route is excluded on the SSL VPN client in the Address
field and the subnet mask for the excluded destination in the Netmask
field, and then click Add.
SSL VPN client. Traffic to the destination networks is redirected using the
SSL VPN client’s native network interface (resolved through the ISP or
WAN connection). To add a destination subnet, enter the destination
subnet to which a route is excluded on the SSL VPN client in the Address
field and the subnet mask for the excluded destination in the Netmask
field, and then click Add.
NOTE: To exclude the destination networks, make sure that the Exclude
Local LANs feature is enabled on the Cisco AnyConnect Secure Mobility
clients.
Local LANs feature is enabled on the Cisco AnyConnect Secure Mobility
clients.
-
Exclude Local LANs: If you choose Exclude Traffic, check the box to
permit remote users to access their local LANs without passing through
VPN tunnel, or uncheck the box to deny remote users to access their local
LANs without passing through VPN tunnel.
permit remote users to access their local LANs without passing through
VPN tunnel, or uncheck the box to deny remote users to access their local
LANs without passing through VPN tunnel.
NOTE: To exclude local LANs, make sure that the Exclude Local LANs
feature is enabled on both the SSL VPN server and the Cisco
AnyConnect Secure Mobility clients.
feature is enabled on both the SSL VPN server and the Cisco
AnyConnect Secure Mobility clients.
•
Split DNS: Split DNS can direct DNS packets in clear text over the Internet
for domains served through an external DNS (serving your ISP) or through a
SSL VPN tunnel to domains served by the corporate DNS. To add a domain
for domains served through an external DNS (serving your ISP) or through a
SSL VPN tunnel to domains served by the corporate DNS. To add a domain