1、
防火墙上开启WEB×××
Web***
Enable outside
Svc p_w_picpath disk0:/sslclient*
Svc enable
<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
2、
创建本地地址池、创建ACL
Ip local pool ***-pool 192.168.1.1-192.168.1.100
Access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.10.0 255.255.255.0
3、
创建组策略
Group-policy ***-group-policy internal
Group-policy ***-group-policy attributes
***-tunnel-group web*** svc
Split-tunnel-policy tunnelspecified
Tunnel-group-network-list value 100
Web***
Svc ask enable
4、
创建隧道组
Tunnel-group ***-tunnel-group type web***
Tunnel-group ***-tunnel-group general-attributes
Address-pool ***-pool
Tunnel-group ***-tunnel-group web***-attributes
Group-alias group enable
5、
应用隧道
Web***
Tunnel-group-list enable
转载于:https://blog.51cto.com/01011/410993