PIX 515E & VPN client & split-tunnel

piccololean
Level 1

Hi all! I have a problem. Here's my scenario and my PIX conf:

http://supportotesi.altervista.org/lastconf.txt

http://supportotesi.altervista.org/schema1.jpg

When a client is connected to the VPN with Cisco VPN Client 4, he can't surf the internet anymore. Someone told me that I had to configure a split tunnel, but this way it doesn't work... Can someone help me please? Thank you all!

2 Replies

abdel_n
Level 1

If split tunneling is not enabled (the default), the only allowed and encrypted traffic is from Easy VPN clients (software clients) to the PIX (Easy VPN server), but if it is enabled you have to define the traffic that will be tunneled, and all other traffic will be sent in clear text.

So the ACL "test_splitTunnelAcl" defined on the server side must indicate the traffic that will be protected (from the protected network(s) inside the PIX to the clients), in your case I guess from 10.0.0.0/24 to 10.0.9.0/29, so try to change your ACL to the following:

access-list test_splitTunnelAcl permit ip 10.0.0.0 255.255.255.0 10.0.9.0 255.255.255.248

Very good! It works fine!
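
To see what the split-tunnel ACL from the reply above means for a connected client, here is an added example (not part of the original thread and not Cisco code) that parses that ACL line and reports which destinations the client would send through the tunnel and which it would send in clear text. The function names and the sample destination addresses are constructed for illustration; only the network/mask form of the ACL is handled.

```python
import ipaddress

# ACL line quoted from the reply above.
ACL_LINE = ("access-list test_splitTunnelAcl permit ip "
            "10.0.0.0 255.255.255.0 10.0.9.0 255.255.255.248")

def parse_split_acl(line):
    """Parse 'access-list NAME permit ip SRC SMASK DST DMASK'.

    Only this network/mask form is handled; 'host' and 'any' keywords are not.
    Returns (name, protected_network, client_pool).
    """
    tok = line.split()
    if len(tok) != 8 or tok[0] != "access-list" or tok[2:4] != ["permit", "ip"]:
        raise ValueError("unsupported ACL line: " + line)
    protected = ipaddress.ip_network(f"{tok[4]}/{tok[5]}")
    pool = ipaddress.ip_network(f"{tok[6]}/{tok[7]}")
    return tok[1], protected, pool

def classify(dest, protected_nets):
    """Say how a VPN client would send traffic to dest.

    protected_nets=None models split tunneling disabled: everything goes
    into the tunnel, which is why the client loses direct internet access.
    """
    if protected_nets is None:
        return "tunneled"
    addr = ipaddress.ip_address(dest)
    return "tunneled" if any(addr in n for n in protected_nets) else "clear"

if __name__ == "__main__":
    name, protected, pool = parse_split_acl(ACL_LINE)
    print(f"{name}: protect {protected}, client pool {pool}")
    # Constructed sample destinations (198.51.100.7 is a documentation address).
    for dest in ("10.0.0.25", "10.0.1.5", "198.51.100.7"):
        print(f"{dest:>14}  split on: {classify(dest, [protected]):8}  "
              f"split off: {classify(dest, None)}")
```

Destinations reported as clear leave the client unencrypted and do not pass through the PIX, so they are outside whatever filtering the PIX applies.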