02-26-2009 09:30 AM
I've implemented a split tunnel (thanks to several posts here) and it works great. But now it seems I've lost the ability to use a static route I have defined (see below). With the split tunnel enabled, I am no longer able to get to the devices on the other side of 10.1.255.9 when connected via VPN.
route inside xx.xx.xx.0 255.255.255.0 10.1.255.9 1
02-26-2009 12:29 PM
What is your split-tunnel ACL? What networks are you trying to reach? Do they have a route back to the VPN pool that you are assigning to your clients?
02-26-2009 12:37 PM
Below is the ACL. I'm trying to reach the 10.220.101 network which is on the other side of the 10.1.255.9 router. This all works without split tunneling.
access-list 80 extended permit ip any 192.168.5.0 255.255.255.224
02-26-2009 12:45 PM
Your split-tunnel ACL works better if it is a standard ACL. So suppose you need to get to the 10.1.220.0/24 network; your split-tunnel ACL should be:
access-list split_tunnel standard permit 10.1.220.0 255.255.255.0
Add networks to this ACL as needed.
02-26-2009 01:01 PM
That is what I was missing! Thanks.
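The fix in the 12:45 PM reply above can be checked offline. This is an added example, not part of the original thread: it reads ASA-style `route` and standard `access-list` lines and lists the static routes whose destination is not covered by the split-tunnel list. The sample config, the ACL name `split_tunnel` as used here, and the function names are assumptions.

```python
import ipaddress
import re

# Constructed sample config; addresses are illustrative, not taken from the thread.
SAMPLE_CONFIG = """\
route inside 10.1.220.0 255.255.255.0 10.1.255.9 1
route inside 10.1.230.0 255.255.255.0 10.1.255.9 1
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
access-list split_tunnel standard permit 10.1.220.0 255.255.255.0
access-list split_tunnel standard permit host 10.1.1.5
"""

ROUTE_RE = re.compile(r"^route\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)")
ACL_RE = re.compile(r"^access-list\s+(\S+)\s+standard\s+permit\s+(.+)$")

def _net(addr, mask):
    # Build a network object from an address and dotted netmask.
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def parse_routes(config, interface):
    """Destinations of static routes that point out the given interface."""
    routes = []
    for line in config.splitlines():
        m = ROUTE_RE.match(line.strip())
        if m and m.group(1) == interface:
            routes.append(_net(m.group(2), m.group(3)))
    return routes

def parse_split_acl(config, acl_name):
    """Networks permitted by a standard ACL (network/mask, host, any)."""
    nets = []
    for line in config.splitlines():
        m = ACL_RE.match(line.strip())
        if not m or m.group(1) != acl_name:
            continue
        parts = m.group(2).split()
        if parts[0] in ("any", "any4"):
            nets.append(ipaddress.ip_network("0.0.0.0/0"))
        elif parts[0] == "host":
            nets.append(ipaddress.ip_network(parts[1] + "/32"))
        else:
            nets.append(_net(parts[0], parts[1]))
    return nets

def untunneled_routes(config, interface, acl_name):
    """Routed networks that no split-tunnel entry fully covers."""
    permitted = parse_split_acl(config, acl_name)
    return [r for r in parse_routes(config, interface)
            if not any(r.subnet_of(p) for p in permitted)]

if __name__ == "__main__":
    for net in untunneled_routes(SAMPLE_CONFIG, "inside", "split_tunnel"):
        print(f"static route {net} is not in the split-tunnel list")
```

A route that is only partly covered (for example a /16 route with a /24 ACL entry) is reported too, since VPN clients would tunnel only part of it.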