Hi can anyone help me? I have 881 router as an Ezvpn Remote, on server side split tunneling is enabled and I what to filter traffic on Remote Router, I want my remote clients to access only internal resources but don't want to touch default route, some kind of access-list would be perfect.
here is my remote config:
crypto ipsec client ezvpn TEST
connect auto
group xxxx key xxxx
mode client
peer 81.x.x.x
username xxxx password xxxx
xauth userid mode local
interface FastEthernet4
ip address x.x.x.x
duplex auto
speed auto
crypto ipsec client ezvpn TEST
interface Vlan1
description To Wanex$ETH-WAN$
ip address 192.168.0.10 255.255.255.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip virtual-reassembly
crypto ipsec client ezvpn TEST inside
Digomi881#show crypto ipsec client ezvpn
Easy VPN Remote Phase: 8
Tunnel name : TEST
Inside interface list: Vlan1
Outside interface: FastEthernet4
Current State: IPSEC_ACTIVE
Last Event: MTU_CHANGED
Address: 172.20.0.40 (applied on Loopback10000)
Mask: 255.255.255.255
DNS Primary: 10.1.28.10
Save Password: Allowed
Split Tunnel List: 1
Address : 10.1.200.2
Mask : 255.255.255.255
Protocol : 0x0
Source Port: 0
Dest Port : 0
Split Tunnel List: 2
Address : 10.1.29.0
Mask : 255.255.255.0
Protocol : 0x0
Source Port: 0
Dest Port : 0
Split Tunnel List: 3
Address : 10.1.31.0
Mask : 255.255.255.0
Protocol : 0x0
Source Port: 0
Dest Port : 0
Split Tunnel List: 4
Address : 10.1.28.14
Mask : 255.255.255.255
Protocol : 0x0
Source Port: 0
Dest Port : 0
Current EzVPN Peer: 81.x.x.x
Does anyone have idea how to solve this task?
thanks in advance