vpn client and the local lan

mary_odriscoll · ‎05-21-2004

Hiya

Re VPN client software. I have successfully got the VPN client software working from a remote office and dialling into the central company network. However,I would still like to be able to use the local office network and browse the lan. I have enabled the local lan option in the vpn client but while I keep my local lan address, I can't ping/browse network neighborhood. What else do I need to do ?

TIA

mostiguy · ‎05-21-2004

You need to be connecting to something with split tunnelling enabled at the head end.

husseinmuneer · ‎01-27-2009

Thanks mostiguy@netnumina.com,

But how can we do it ? Is there a command we should do inside the firewall?

Regards.

sasa.popravak · ‎01-27-2009

Hello husseinmuneer!

There was something wrong with my previous post attempt, so I

hope this won't appear twice.

If you are using ASA as the headend device, here's what you need to do:

1. Create a standard access-list:

access-l aclLocalLAN standard permit host 0.0.0.0

2. Under the group policy select the way you want the traffic to be tunneled:

group-policy Test attributes

split-tunnel-policy excludespecified

split-tunnel-network-list value aclLocalLAN

3. Connect tunnel-group to a group-policy:

tunnel-group Test general-attributes

default-group-policy Test

4. Your client should be configured fine as for the split tunneling configuration.

Hope this helps.

Regs,