Hi,
I've some RAP's in remote site which is provisioned with the controller in HQ.
The Remote users are getting ip address from HQ DHCP server and also getting amigopod authentication page, once the users get authenticated users couldnt access internet through locally they are again coming into HQ.
I knew there is a an issue with split tunnel policy. can anyone explain the exact policy to route the internet traffic locally not to the HQ?
I've created three policies in AAA profile.
Amigopod
Captive portal
Logon-Control
ip access-list session Amigopod
any alias Amigopod svc-https permit
any alias Amigopod svc-http permit
any host 192.168.0.29 any permit
ip access-list session captiveportal
user alias controller svc-https dst-nat 8081
user any svc-http dst-nat 8080
user any svc-https dst-nat 8081
user any svc-http-proxy1 dst-nat 8088
user any svc-http-proxy2 dst-nat 8088
user any svc-http-proxy3 dst-nat 8088
ip access-list session logon-control
user any udp 68 deny
any any svc-icmp permit
any any svc-dns permit
any any svc-dhcp permit
any any svc-natt permit
Can anyone tell where i need to add the rule for split tunnel?