Free Preparation Discussions
MENU
Cisco Exam 350-701 Topic 3 Question 95 Discussion
Topic #: 3
An engineer must modify an existing remote access VPN using a Cisco AnyConnect Secure Mobility client solution and a Cisco Secure Firewall. Currently, all the traffic generate by the user Is sent to the VPN tunnel and the engineer must now exclude some servers and access them directly instead. Which element must be modified to achieve this goat?
To achieve the goal of excluding some servers from the VPN tunnel and accessing them directly, the engineer must modify the group policy that is applied to the remote access VPN users. The group policy contains the settings for split tunneling, which is a feature that allows the VPN client to route some traffic through the VPN tunnel and some traffic directly to the internet. Split tunneling can be configured based on the destination IP address, the application, or the domain name of the traffic. By modifying the group policy, the engineer can specify which servers or networks should be excluded from the VPN tunnel and accessed directly by the VPN client. This can improve the performance and efficiency of the VPN connection, as well as reduce the load on the VPN gateway and the corporate network. However, split tunneling also introduces some security risks, such as exposing the VPN client to internet threats, bypassing the corporate firewall and security policies, and leaking sensitive dat
a. Therefore, the engineer must carefully evaluate the trade-offs and best practices of using split tunneling for remote access VPNs.Reference:=
VPN Split Tunneling: What It Is & Pros and Cons
Cisco ASA - Enable Split Tunnel for Remote VPN Clients
Hortencia
9 days agoGail
1 days agoSabina
15 days agoHelene
6 days agoJoseph
16 days agoShasta
18 days agoAileen
22 days agoMatthew
1 months agoKimbery
1 months agoZana
1 months agoGail
6 days agoAlmeta
6 days agoLili
7 days agoBulah
9 days agoCassandra
23 days agoCristal
1 months ago