Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
697
Views
0
Helpful
1
Replies

PIX 501 Internet access for clients vpn

nrousseau
Level 1
Level 1

‎01-06-2005 01:42 AM - edited ‎02-20-2020 11:51 PM

Hello,

Equipement used : PIX501 6.3(4) + Cisco VPN client 4.0.2

Is there any way to permit Internet Access from VPN Clients when they're connected to the PIX501 ?

Actually, vpn clients have to disconnect from vpn to be able to access to Internet.

I guess that's normal and a security default parameter, what is the best way to give Internet access for vpn clients ?

Thanks for help

0 Helpful
1 Reply 1

sachinraja
Level 9
Level 9

‎01-08-2005 11:28 PM

hello..

this is the default behaviour of VPN client.. this is to enhance the security of blocking internet when on the Private network. you can anyway configure split tunneling to overrule this... on the vpn group configure the following:

vpngroup abcvpn split-tunneling 100

access-list 100 permit ip host 192.168.100.1 (server) 10.1.1.0 255.255.255.0 (Ip pool)

this will allow only traffic from the ip pool to the server 192.168.100.1 through the ipsec tunnel. all other traffic is put on the lan card and you can access internet on this case..

hope this helps.. all the best..rate replies if found useful..

Raj

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card