Anyconnect client dynamic split tunnell based on user

SA1
Comes here often

Anyconnect client dynamic split tunnell based on user

Hi,

With MX Anyconnect is possibile to send specific traffic (some subnet) through VPN based on user, for example based on group policy or based on same radius attribute?

 

Thanks

4 Replies 4
DarrenOC
Kind of a big deal
Kind of a big deal

Hi @SA1 

 

Looks possible using Group policies via Radius:

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Overview

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
SA1
Comes here often

Group Policy only assign firewall rules to single user without edit route setting. Can i also change routing based on user group policy? My idea is: permitted destination --> encapsulate in vpn, not permitted traffic --> not encapsulated.

 

 

PhilipDAth
Kind of a big deal
Kind of a big deal

No.

 

However, you can give everyone a split tunnel list that includes everything, and then use group policy to control which things on that list they can access.

SA1
Comes here often

And manually can I set different split tunnel to different user? Meraki will add this function?

Get notified when there are additional replies to this discussion.