10-17-2012 12:26 AM - edited 03-11-2019 05:10 PM
Hi,
I have a PIX firewall configured with Site-to-Site VPN. LAN users are able to access the VPN tunnel but internet is not working. I wanted to know the concept of split tunneling and also configuration examples.
Thanks in advance!
Regards,
Prashant
10-17-2012 12:36 AM
Normally you don't configure split tunnel on site-to-site VPN; split tunnel is for remote access VPN.
Can you please share the current config from both ends and also advise which end doesn't have access to the internet?
10-17-2012 02:31 AM
Hi,
You wouldn't by any chance have configured a NAT0 / NAT Exemption access-list with the destination address keyword of "any"?
For example:
access-list nat0 permit ip 10.10.10.0 255.255.255.0 any
nat (inside) 0 access-list nat0
Which would basically not translate any traffic from "inside" to any destination address. Presuming that 10.10.10.0/24 is your LAN network (and only LAN network).
- Jouni
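The check described in the reply above can be run against a saved configuration. This is an added example, not code from any poster in this thread: a Python script that flags NAT exemption (nat 0) access-lists whose destination is "any" or 0.0.0.0 0.0.0.0. The sample config is constructed, and 192.168.50.0/24 is a hypothetical remote-site network.

```python
import re

# Constructed sample config (not from the thread). 192.168.50.0/24 is a
# hypothetical remote-site LAN showing what a narrow exemption looks like.
SAMPLE_CONFIG = """\
access-list nat0 permit ip 10.10.10.0 255.255.255.0 any
access-list nat0_fixed permit ip 10.10.10.0 255.255.255.0 192.168.50.0 255.255.255.0
nat (inside) 0 access-list nat0
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
"""

NAT0_RE = re.compile(r"^nat \((\S+)\) 0 access-list (\S+)\s*$")
ACL_RE = re.compile(r"^access-list (\S+) (?:extended )?permit ip (.+)$")
ANY_FORMS = ("any", "0.0.0.0 0.0.0.0")  # both spellings match every address


def take_address(tokens):
    """Consume one address spec: 'any', 'host A', or 'NET MASK'."""
    if tokens[0] == "any":
        return "any", tokens[1:]
    if tokens[0] == "host":
        return tokens[1], tokens[2:]
    return f"{tokens[0]} {tokens[1]}", tokens[2:]


def find_broad_nat0(config):
    """Return (interface, acl, source) for each exemption entry with an 'any' destination."""
    lines = [line.strip() for line in config.splitlines()]
    # Map each ACL referenced by a "nat (if) 0 access-list" line to its interface.
    nat0 = {m.group(2): m.group(1) for m in map(NAT0_RE.match, lines) if m}
    findings = []
    for line in lines:
        m = ACL_RE.match(line)
        if not m or m.group(1) not in nat0:
            continue  # not a permit-ip entry, or the ACL is not used for nat 0
        src, rest = take_address(m.group(2).split())
        dst, _ = take_address(rest)
        if dst in ANY_FORMS:
            findings.append((nat0[m.group(1)], m.group(1), src))
    return findings


if __name__ == "__main__":
    for iface, acl, src in find_broad_nat0(SAMPLE_CONFIG):
        print(f"nat ({iface}) 0 uses {acl}: {src} -> any is exempt from NAT")
```

Only ACLs actually bound to a nat 0 statement are reported, so nat0_fixed in the sample is ignored until it is referenced.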