08-05-2005 08:25 PM - edited 03-09-2019 12:03 PM
Hello, I have a PIX 515E running 6.3(4) with remote access VPN set up. Everything with the VPN works fine, but I am having an issue with split tunneling. I need to be able to allow access to the local LAN without giving access to the internet while connected to the VPN. Is this possible? Any help would be appreciated.
Thanks,
Curt
08-07-2005 05:04 AM
I believe you can do that.
At the client, there's a checkbox for Allow Local LAN access (lower left corner, "Transport" tab of the Version 4 client), which is separate from the setting at the server side for "permit split tunneling."
Which part is not working for you? What have you tried so far?
Good Luck
Scott
08-07-2005 10:32 AM
Scott,
I have the Allow Local LAN access set on the client and split tunneling is disabled, but I am still not able to access my local LAN. Do I have to add an additional ACL?
Curt
08-07-2005 07:17 PM
I played with it some today: it appears that the Server parameters override the local setting.
I'll look a little deeper tomorrow in the Lab and see if there are other options.
-Scott
08-08-2005 03:43 AM
Hi,
Split Tunneling has to be enabled to allow local LAN access.
Please try this.
On the split tunneling ACL, deny the Local LAN subnet so that traffic to this subnet will be routed outside the Tunnel, followed by a 'permit any' statement which pushes all other traffic through the tunnel.
Enable Local LAN Access in the client also.
HTH
Regards,
Shijo George.