https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574756#M423570 <P>I am doing a demo of the ASA and am having an issue with the split tunnel. </P><P></P><P>When a user connects via SSL and get the full tunnel client over SSL the user is not able to connect to anything on their local LAN. When bringing up the status box it says Local LAN: Disabled. I have gone through the docs and it appears that I have two options: 1) To allow local LAN access I have to tunnel ALL traffic including Internet traffic over the tunnel. 2) The other option is to only tunnel traffic over the tunnel to protected networks which lets the Internet traffic go out the local network, but the user can't reach anything on their local subnet. So if I were at home and had split tunnel configured to tunnel only protected traffic I wouldn't be able to communicate with other nodes on my local network which wouldn't work for users that have printers at home shared.</P><P></P><P>Thanks</P> Fri, 21 Feb 2020 09:08:39 GMT ftikphillips 2020-02-21T09:08:39Z https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574756#M423570 <P>I am doing a demo of the ASA and am having an issue with the split tunnel. </P><P></P><P>When a user connects via SSL and get the full tunnel client over SSL the user is not able to connect to anything on their local LAN. When bringing up the status box it says Local LAN: Disabled. I have gone through the docs and it appears that I have two options: 1) To allow local LAN access I have to tunnel ALL traffic including Internet traffic over the tunnel. 2) The other option is to only tunnel traffic over the tunnel to protected networks which lets the Internet traffic go out the local network, but the user can't reach anything on their local subnet. So if I were at home and had split tunnel configured to tunnel only protected traffic I wouldn't be able to communicate with other nodes on my local network which wouldn't work for users that have printers at home shared.</P><P></P><P>Thanks</P> Fri, 21 Feb 2020 09:08:39 GMT https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574756#M423570 ftikphillips 2020-02-21T09:08:39Z https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574757#M423572 <HTML><HEAD></HEAD><BODY><P>Configure the ASA via the Adaptive Security Device Manager (ASDM) or Configure the ASA via the CLI .Refer the following URL </P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702992.shtml#maintask1" target="_blank">http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702992.shtml#maintask1</A></P></BODY></HTML> Tue, 05 Sep 2006 14:03:14 GMT https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574757#M423572 b.speltz 2006-09-05T14:03:14Z https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574758#M423574 <HTML><HEAD></HEAD><BODY><P>The problem with this scenario is that it tunnels all traffic, including Internet traffic, over the tunnel when I want the Internet traffic to go out the local connection. So if you were sitting at home, you could access your work network over the tunnel, Internet via your home network, and still access your local LAN resources. This configuration only allows local LAN access by tunneling all other traffic over the tunnel.</P></BODY></HTML> Tue, 05 Sep 2006 16:29:36 GMT https://community.cisco.com/t5/network-security/asa-split-tunnels/m-p/574758#M423574 ftikphillips 2006-09-05T16:29:36Z