Cisco Cisco ASA 5555-X Adaptive Security Appliance - No Payload Encryption 기술 매뉴얼

Contents

Introduction

Prerequisites

Requirements

Components Used

Network Diagram

Background Information

Configure Local LAN Access for VPN Clients or the AnyConnect Secure Mobility Client

Configure the ASA via the ASDM

Configure the ASA via the CLI

Configure the Cisco AnyConnect Secure Mobility Client

User Preferences

XML Profile Example

Verify

Cisco AnyConnect Secure Mobility Client

Test Local LAN Access with Ping

Troubleshoot

Unable to Print or Browse by Name

Related Information

Introduction

This document describes how to allow the Cisco VPN Client or the Cisco AnyConnect Secure
Mobility Client to only access their local LAN while tunneled into a Cisco Adaptive Security
Appliance (ASA) 5500 Series or the ASA 5500-X Series. This configuration allows Cisco VPN
Clients or the Cisco AnyConnect Secure Mobility Client secure access to corporate resources via
IPsec, Secure Sockets Layer (SSL), or Internet Key Exchange Version 2 (IKEv2) and still gives the
client the ability to carry out activities such as printing where the client is located. If it is permitted,
traffic destined for the Internet is still tunneled to the ASA.

Note: This is not a configuration for split tunneling, where the client has unencrypted access
to the Internet while connected to the ASA or PIX. Refer to

PIX/ASA 7.x: Allow Split

Tunneling for VPN Clients on the ASA Configuration Example

for information on how to

configure split tunneling on the ASA.

Prerequisites

Requirements

This document assumes that a functional remote access VPN configuration already exists on the
ASA.

Refer to

PIX/ASA 7.x as a Remote VPN Server using ASDM Configuration Example

for the

Cisco VPN Client if one is not already configured.