cisco router remote access vpn split tunneling stopped working after ip cef command

Nilesh Joshi · ‎09-04-2012

Hi,

on cisco router we configured remote access vpn but after configuring

ip cef command split tunneling stopped working

So please anybody have any solution

interface Loopback 0

ip address 10.1.1.1 255.255.255.0

ip nat inside

ip access-list extended ACL-OUTSIDE-PBR

deny ip 10.9.0.0 0.0.0.255 10.10.10.0 0.0.0.255

permit ip 10.9.0.0 0.0.0.255 any

route-map RM-OUTSIDE-PBR permit 10

match ip address ACL-OUTSIDE-PBR

set ip next-hop 10.1.1.2

interface FastEthernet 0/1

ip policy route-map RM-OUTSIDE-PBR

ip access-list extended ACL-POLICY-NAT

permit ip 10.9.0.0 0.0.0.255 any

p access-list extended ACL-POLICY-NAT

9 deny 10.10.10.0 0.0.0.255 10.9.1.0 0.0.0.255

ip access-list extended SPLIT-TUNNEL

permit ip 10.9.1.0 0.0.0.255 10.10.10.0 0.0.0.255

ip local pool VPNSPLITPOOL 10.9.1.1 10.9.1.254

crypto isakmp client configuration group vpnsplit

key *********

dns 4.2.2.2

acl SPLIT-TUNNEL

pool VPNSPLITPOOL

Nil

Jennifer Halim · ‎09-04-2012

Sounds like a bug to me if you enable "ip cef" and split tunnel stops working.

Pls upgrade your router to a later version and it should resolve the issue.

Javier Portuguez · ‎09-04-2012

Hi,

I agree with Jennifer, an upgrade may fix the issue, but instead of going straight to it, could you please provide the "show ip route", "show run | inc ip route" and "show arp", during a VPN connection test?

I would like to verify a couple of things

Thanx.

Portu

Sent from Cisco Technical Support Android App