SEC0404 – Firepower 7.0 AnyConnect VPN RADIUS Attributes (Part 2)

In this video we will look into split tunneling that we skipped earlier
Split tunnel ACL will need to exist on the firewall and cannot be pushed from RADIUS server like DACL
Issue is that ACL cannot be pushed by FMC to FTD unless it is being used somewhere like in a route map
If we want to configure simple ACL then that is possible through flexconfig only
FMC does not let us configure config that might interfere with config that is already managed by FMC

Split tunnel ACL is known as Split tunnel list in ISE attributes

This 172.16.32.40/32 is route for DNS server due to Split DNS config

Split include