Ping a Specific Port

Question

dunxd

Asked: 2011-02-04 05:25:59 +0800 CST2011-02-04 05:25:59 +0800 CST 2011-02-04 05:25:59 +0800 CST

Split tunnelling for Site to Site VPN on Cisco ASA

772

Is it possible to do split tunnelling with a site to site VPN connection using Cisco ASAs?

We have a Cisco ASA 5510 at head office, and Cisco 5505 in our branch office, currently connected via a Site-To-Site VPN. I'd like to give direct access to the internet for hosts in the branch office. Is it possible. I know it can be done for Remote Access VPN connections (Easy VPN), but can't find any documentation on Site-To-Site, so wondering if it is missing, or isn't there because it can't be done.

1 Answers

Voted

gravyface · Answer 1 · 2011-02-04T05:31:52+08:00

Best Answer

gravyface

2011-02-04T05:31:52+08:002011-02-04T05:31:52+08:00

Your standard site-to-site IPSec tunnel is only going to match "interesting" traffic: that is, your destination and source IP address matches the encrypt ACL setup.

Unless you set something up like 0.0.0.0 in your encrypt acl (or are using a proxy at head office), it should already be split-tunneled.

EDIT

You should be able to do a traceroute to Google, etc. to verify that your packets are leaving your 5505.

2

Split tunnelling for Site to Site VPN on Cisco ASA

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?