Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
0
Helpful
4
Replies

Split Tunneling

lercnetworks
Level 1
Level 1

‎08-05-2005 08:25 PM - edited ‎03-09-2019 12:03 PM

Hello, I have a PIX 515E running 6.3(4)with remote access VPN setup. Everything with the VPN works fine, but I am having an issue with split tunneling. I need to be able to allow access to the local LAN without giving access to the internet while connected to the VPN. Is this possible? Any help would be appreciated.

Thanks,

Curt

Labels:
0 Helpful
4 Replies 4

scottmac
Level 10
Level 10

‎08-07-2005 05:04 AM

I believe you can do that.

At the client, there's a checkbox for Allow Local LAN access (lower left corner, "Transport" tab of the Version 4 client) , which is separate from the setting at the server side for "permit split tunneling."

Which part is not working for you? What have you tried so far?

Good Luck

Scott

0 Helpful

lercnetworks
Level 1
Level 1
In response to scottmac

‎08-07-2005 10:32 AM

Scott,

I have the Allow Local LAN access set on the client and split tunneling is disabled, but I am still not able to access my local LAN. Do I have to add an additional ACL?

Curt

0 Helpful

scottmac
Level 10
Level 10
In response to lercnetworks

‎08-07-2005 07:17 PM

I played with it some today: It appears that the Server parameters override the local setting.

I'll look a little deeper tomorrow in the Lab and see if there's other options.

-Scott

0 Helpful

shijogeorge
Level 1
Level 1
In response to scottmac

‎08-08-2005 03:43 AM

Hi,

Split Tunneling has to be enabled to allow local LAN access.

Pls try this.

On the split tunneling ACL, deny the Local LAN subnet so that traffic to this subnet will be routed outside the Tunnel followed by a 'permit any' statement which pushes all other traffic through the tunnel.

Enable Local LAN Access in the client also.

HTH

Regards,

Shijo George.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents