cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
647
Views
0
Helpful
3
Replies
Highlighted
Beginner

Cisco EasyVPN Client Internet Access

Hi,

I have a Cisco 887 which has been configured mainly using CCP, I have managed to setup a basic configuration with a firewall and now a VPN. I can get clients to VPN into the office and access the local LAN resources. From what I've read I am not using Split tunneling as I can connect using the VPN client on my iphone ( which I want). But any VPN client can't access the internet.

I guess I need to add something to route the traffic back out? But I am unsure on what exactly?

I have attached my config, appreciate any help on this plus any other tips if you see any schoolboy errors!

Thanks

James

3 REPLIES 3
Highlighted
Engager

hi james,

could you try:

Router(config)#ip access-list extended SPLIT-TUNNEL

Router(config-ext-nacl)#permit ip 10.0.0.0 0.255.255.255 any

Router(config)#crypto isakmp client configuration RemoteUsers

Router(config-isakmp-group)#acl SPLIT-TUNNEL

Highlighted

Hi,

Thanks,I've read that adding a split tunnel will stop my iphone vpn from working? I wanted all vpn traffic to be routed through the tunnel including Internet traffic.




Sent from Cisco Technical Support iPad App

Highlighted

Hi James,

Split tunnelling will just protect "interesting" traffic matched by the ACL and send it to the VPN tunnel. Other network traffic will be routed as per normal.

It is not advisable to include Internet traffic as this will put your private network at risk and also cause a congestion to your VPN connection.

Sent from Cisco Technical Support iPhone App