cancel
Showing results for 
Search instead for 
Did you mean: 

Blocking skype business to use VPN cisco anyconnect

Hi Gurus,

Is it possible to block Skype or Lync to use VPN thru cisco anyconnect? I would like to force the app go outside of the vpn like a split tunnel.

All traffic today goes thru the VPN when user is connected including skype, if somehow the traffic is blocked for an internal IP resolved it will try the public ones.

Is that possible to do on McAfee agent thru ePO?

Thanks in advance.

Russo

4 Replies
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

Re: Blocking skype business to use VPN cisco anyconnect

Successfully moved from Personal Firewall to ePolicy Orchestrator (ePO)  > Discussions

For better exposure ad assistance.

Cliff
McAfee Volunteer
Reliable Contributor tao
Reliable Contributor
Report Inappropriate Content
Message 3 of 5

Re: Blocking skype business to use VPN cisco anyconnect

"....Skype or Lync to use VPN thru cisco anyconnect..."  take a look at the Cisco ASA configuration; there may be some ACLs that your could deploy to block or reroute the traffic.

The McAfee Agent is the client‑side component providing a secure communication channel from McAfee managed point‑products (VSE, ENS so on) back to an ePolicy Orchestrator server. Consider the Agent as the Taxi cab for McAfee information from the managed system back to the ePO server.  So, it wouldn't necessarily have the ability to stop or allow traffic/application - that function would rest on the actual managed point-products (VSE, ENS, so on) on the managed system.

If this information was helpful or has answered your question, please select Accept as Solution. This will assist other memebers
Highlighted

Re: Blocking skype business to use VPN cisco anyconnect

The right place to do this is absolutely on your AnyConnect configuration.  You can apply ACLs or routes to connected clients to prevent them from connecting to your Skype/Lync servers over the VPN connection. 

You absolutely cannot do this with the McAfee Agent.  The only McAfee application you might be able to use to make this work is HIPS, due to its firewall functionality. But I can't imagine that it would be easier or less complex to do it in HIPS than to do it in your AnyConnect configuration.

Re: Blocking skype business to use VPN cisco anyconnect

Thanks for the info. I know that I should use HIPS and that is the matter, I think the easier way should be to block internal IP resolution on network firewall or as was said on AnyConnect itself.

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community