Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
474
Views
0
Helpful
2
Replies

Re:Configuring Split Tunneling in PIX firewall

CSCO11776584
Level 1
Level 1

‎10-17-2012 12:26 AM - edited ‎03-11-2019 05:10 PM

Hi,

I have a PIX firewall configured with  Site-to-Site VPN. LAN users are able to access the VPN tunnel but internet is not working. I wanted to know the concept of split tunneling and also configuration examples.

Thanks in advance!

Regards,

Prashant

Labels:
0 Helpful
2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

‎10-17-2012 12:36 AM

Normally you don't configure split tunnel on site-to-site VPN, split tunnel is for remote access VPN.

Can you pls share the current config from both end and also advise which end doesn't have access to the internet?

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni

‎10-17-2012 02:31 AM

Hi,

You wouldnt by any chance configured a NAT0 / NAT Exemption access-list with the destination address keyword of "any" ?

For example

access-list nat0 permit ip 10.10.10.0 255.255.255.0 any

nat (inside) 0 access-list nat0

Which would basicly not translate any traffic from "inside" to any destination address. Presuming that 10.10.10.0/24 is your LAN network (and only LAN network)

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card