Monday, March 16, 2020

PBR on WAN Interface of ASA

As the title states, I am wondering if I can use PBR on the WAN interface of an ASA?

The scenario is this: currently, all end-user web-based traffic is to be routed to a VTI on the ASA, then to Zscaler. This works just fine. ACL defined. Route-map statement, match ACL and next hop to VTI. Policy-route route-map xxx applied to Inside interface, no problem. I'd like to include AnyConnect web-based traffic in this tunnel as well. That would mean applying a similar policy-route route-map config to the WAN interface, as that is technically the source of the AnyConnect traffic. Is this possible? Or is this something in the AnyConnect group-policy that I need to define? If any further information is needed, let me know. Thanks!


