05-21-2004 07:59 AM
Hiya
Re VPN client software. I have successfully got the VPN client software working from a remote office and dialling into the central company network. However,I would still like to be able to use the local office network and browse the lan. I have enabled the local lan option in the vpn client but while I keep my local lan address, I can't ping/browse network neighborhood. What else do I need to do ?
TIA
05-21-2004 09:56 AM
You need to be connecting to something with split tunnelling enabled at the head end.
01-27-2009 12:37 AM
Thanks mostiguy@netnumina.com,
But how can we do it ? Is there a command we should do inside the firewall?
Regards.
01-27-2009 03:58 AM
Hello husseinmuneer!
There was something wrong with my previous post attempt, so I
hope this won't appear twice.
If you are using ASA as the headend device, here's what you need to do:
1. Create a standard access-list:
access-l aclLocalLAN standard permit host 0.0.0.0
2. Under the group policy select the way you want the traffic to be tunneled:
group-policy Test attributes
split-tunnel-policy excludespecified
split-tunnel-network-list value aclLocalLAN
3. Connect tunnel-group to a group-policy:
tunnel-group Test general-attributes
default-group-policy Test
4. Your client should be configured fine as for the split tunneling configuration.
Hope this helps.
Regs,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide