Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
278
Views
0
Helpful
1
Replies

PIX equivalent to tunnel default gateway?

rrich
Level 1
Level 1

‎02-13-2004 05:16 AM - edited ‎02-20-2020 11:14 PM

Hi,

I just dropped in a pix 501 for remote access to an office and was wondering if the pix has an equivalent to the 'tunnel default gateway' in the vpn concentrators... I'm not going to do split tunneling, but would like users to be able to access the Internet (via the tunnel) while still using internal resources.

Right now, the pix has a default route to return the encrypted traffic to the internet via it's 'outside' interface. However, if a user tries to go off network through a client connection, there is no 'default' for the inside interface. Attempts to add a second 'inside' default blow up.

This pix is dedicated for remote access, not firewalling, so any options would be considered.

Thanks!!!

Bob

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎02-14-2004 05:21 PM

The PIX doesn't have a TDG equivalent, nor will it allow users to go back out to the Internet. The PIX does not route packets back out an interface they came in on, that includes traffic coming in over a VPN tunnel and then being rerouted back out to the Internet. The only option for your users to have Internet access while their VPN is up is to do split tunneling. Sorry about that.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card