Because your videos are superb, I bought the book to add to my library, thanks for making life a little bit easier.

Good Videos with great explanation.... Thanks Don R. Crawley

Excellent video. The example you showed is great in getting internet access, but what if you want internet to be tunneled also? Meaning, once connected to the VPN and I'm accessing the internet, I would like to use the IP of the ASA outside IP. Help please.... I've used the same-security permit intra-interface... did not work.

Very good. Solve my problem.

@8:23 I'm confused by your use of ACL's in place of what would normally be Object Groups. Why is a network list an ACL rule instead of an network object group?

Hi, Can you post a video for hairpinning (ipsec site to site and vpn client) Thanks.

You're using the term "split tunnel" but what part of the network are you splitting? The subnet that goes through the VPN tunnel or the subnet you DON't want to go through the VPN tunnel?

Hi, so i have split tunneling enabled on my ASA to allow remote devices to see local network resources, but they are unable to see other networks connected via site-to-site vpn. while physically on the network, we can access these site to site networks, but when VPNd in, no luck. looking at your video, i'm comfortable saying split tunneling is set up properly, but something else is blocking the VPN client at home from seeing those other networks. any ideas?

Awesome

I am using a site to site connection between site A and site B through internet. Each of my two sites has an asa 5520. As the site to site vpn is established, users of the site B can access in the site A LAN but they cant access to the internet. How can i do to allow them to access to the internet?

Hi Dan, what happens if you uncheck Inherit for Policy and choose Tunnel Network List Below, then you check Inherit for the Network List? I have that set up on my firewall and it inherits an ACL which is in the Network List if you uncheck Inherit and click Manage to select it. Why does it select that ACL if Inherit is checked? I can see it in the Anyconnect client where it shows the secured routes, and i have internet connection, so split tunneling is working. I am really not following this, the internet connection should not be working. Thx

If user try to connect to inside host with domain name instead of private ip address. How vpn client resolve domain name to private ip address?

I've done this setup but it won't let me RDP into other servers on the inside network.

if the remote user uses the split tunnel, and go to the internet, with what ip does it? with a IP from the ASA or from home ISP?

Hi- i have setup a site to site vpn tunnel using my ASA5512 the tunnel is up but my laptop that triggers the traffic to the remote site the pings timeout how do i enable the icmp rule to allow the traffic from the internal host laptop to the remote side pc.

I don't know if I am on the right video for this question. However, I wanted to ask if it is possible to share the Internet when using the Ciso Anyconnect software. I want to go online with my video game consoles but since Cisco has an almost allergic reaction to any internet sharing I have not been able to do so. I want to do this by setting up my PC as a hotspot that other devices can connect to. My laptop itself is connected to the inetrnet with Cisco Anyconnect and I want to share that exact signal. Currently I am using Windows 8.1. It worked fine under Win 7 (for unknown reasons) but now I have to set up the hotspot at least twice before having internet on my conoles for almost 20 minutes before the connection breaks down completely (I can't even reconnect to my VPN server so I have to reboot my PC entirely). Has anyone any idea what I can do? PS: As you might have guessed from my sloppy termina I am no IT expert which makes things even more difficult. However I will do my best to understand everything.

I done this but can't ping inside network but a inside computer can ping a vpn client :( any help ?