k.ramalingam
Beginner

Split tunneling

Hi Expert,

I have a requirement which asks for tunneling all traffic from the VPN client except for 3 public IP addresses. The client VPN terminates on an ASA 5510, version 7.2(4).

The configuration I tried is as below:

access-list exclude_1 extended permit ip 10.24.30.0 255.255.255.0 host 202.3.10.210
access-list exclude_1 extended permit ip 10.24.30.0 255.255.255.0 host 202.3.10.222
access-list exclude_1 extended permit ip 10.24.30.0 255.255.255.0 host 203.2.190.222
group-policy BartterPolicy attributes
 wins-server value 10.1.0.63 10.3.0.1
 dns-server value 10.1.0.63 10.3.0.1
 vpn-tunnel-protocol IPSec
 split-tunnel-policy excludespecified
 split-tunnel-network-list value exclude_1

But from the stats - route details it still shows 0.0.0.0 in the secure routes, which means tunnel all traffic.

Any idea why this is happening? Thanks in advance.

5 Replies
andrew.prince
Advocate

What version of code are you running?

Try a different approach:

split-tunnel-policy tunnelspecified
split-tunnel-network-list value exclude_1
access-list exclude_1 extended deny ip 10.24.30.0 255.255.255.0 host 202.3.10.210
access-list exclude_1 extended deny ip 10.24.30.0 255.255.255.0 host 202.3.10.222
access-list exclude_1 extended deny ip 10.24.30.0 255.255.255.0 host 203.2.190.222
access-list exclude_1 extended permit ip 10.24.30.0 255.255.255.0 any

HTH

No luck. With this, all internal access is not working but Internet access works with any restriction.

Post the relevant config for review.

The checkbox on the client for allow local LAN needs to be checked.

srikantganesh
Beginner

Under the split tunneling access list, try adding the IP of the gateway on the remote client side.

Also enable split DNS.
