cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 5
‎03-15-2017 08:19 AM

Blocking skype business to use VPN cisco anyconnect

Hi Gurus,

Is it possible to block Skype or Lync to use VPN thru cisco anyconnect? I would like to force the app go outside of the vpn like a split tunnel.

All traffic today goes thru the VPN when user is connected including skype, if somehow the traffic is blocked for an internal IP resolved it will try the public ones.

Is that possible to do on McAfee agent thru ePO?

Thanks in advance.

Russo

0 Kudos
Reply
4 Replies
catdaddy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 5
‎03-15-2017 08:43 AM

Re: Blocking skype business to use VPN cisco anyconnect

Successfully moved from Personal Firewall to ePolicy Orchestrator (ePO)  > Discussions

For better exposure ad assistance.

Cliff
McAfee Volunteer
0 Kudos
Reply
tao
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 5
‎03-15-2017 09:33 AM

Re: Blocking skype business to use VPN cisco anyconnect

"....Skype or Lync to use VPN thru cisco anyconnect..."  take a look at the Cisco ASA configuration; there may be some ACLs that your could deploy to block or reroute the traffic.

The McAfee Agent is the client‑side component providing a secure communication channel from McAfee managed point‑products (VSE, ENS so on) back to an ePolicy Orchestrator server. Consider the Agent as the Taxi cab for McAfee information from the managed system back to the ePO server.  So, it wouldn't necessarily have the ability to stop or allow traffic/application - that function would rest on the actual managed point-products (VSE, ENS, so on) on the managed system.

If this information was helpful or has answered your question, please select Accept as Solution. This will assist other memebers
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 5
‎03-15-2017 11:26 AM

Re: Blocking skype business to use VPN cisco anyconnect

The right place to do this is absolutely on your AnyConnect configuration.  You can apply ACLs or routes to connected clients to prevent them from connecting to your Skype/Lync servers over the VPN connection. 

You absolutely cannot do this with the McAfee Agent.  The only McAfee application you might be able to use to make this work is HIPS, due to its firewall functionality. But I can't imagine that it would be easier or less complex to do it in HIPS than to do it in your AnyConnect configuration.

Reply
Former Member
Not applicable
Report Inappropriate Content
Message 5 of 5
‎03-16-2017 01:56 AM

Re: Blocking skype business to use VPN cisco anyconnect

Thanks for the info. I know that I should use HIPS and that is the matter, I think the easier way should be to block internal IP resolution on network firewall or as was said on AnyConnect itself.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com for Enterprise

Legal   |   Privacy   |   Copyright © 2021 Musarubra US LLC