cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
860
Views
0
Helpful
7
Replies
gglynn
Beginner

Allow Local LAN Access

Can someone explain exactly what the "Allow Local LAN Access" checkbox does in the VPN client? How is the behavior of the client affected with and without this box checked with split tunneling enabled and disabled at the VPN server (ASA/PIX/Concentrator)?

7 REPLIES 7
dsweeny
Participant

It allow users to access the local networks while the VPN is established.

Refer this link for more info:

It allow users to access the local networks while the VPN is established.

Yes, but what does that mean? Split tunneling allows the user to access local networks while the VPN is established, too (because only traffic to explicitly configured networks tunneled).

What, precisely, does the checkbox do when split tunneling is enabled, and when it is not?

Bump.

It's basically split tunnelling but only allowing access to local lan, not the internet.

So:

a) If split tunneling is enabled and configured on the concentrator, what effect does checking this box have?

b) If split tunneling is disabled on the concentrator, what effect does checking this box have?

a) It allows you to split tunnel.

b) It would have no effect if not enabled on the concentrator.

re-bump.  I'm in a similar situation where I need to know what "Allow Local LAN Access" is doing rather than a summation of what the end goal is intended to be.

When I configure my ACS for "Tunnel Everything except Local-LAN", the user gets a secured route for 0.0.0.0/0 from the 3000 Concentrator.  When the VPN client also has "Allow Local LAN Access" selected they get 10/8 172.16/12 and 192.168/16 in their unsecured routes.  Neither of these are the end goal as the intent is to have ACS inform the Concentrator to hand out a 0.0.0.0/0 secured route and a 192.168.x.x/x unsecured route for the local lan.

Is ACS calling the wrong group on the Concentrator?  Is the Concentrator misconfigured?  Is the Client causing the rfc 1918 routes to show up on the wrong side?.  What are these things -doing-?

Content for Community-Ad