
VPN

duyngo
Level 1

Currently, I have a VPN set up for remote users (using Cisco client 4.0.3) to access the internal network and access the Internet. How do I force the traffic for a certain netblock to go through the VPN tunnel instead of going to the Internet? Any suggestion will be appreciated. Thanks

2 Replies

bfl1
Level 1

You need to implement Split tunneling and Split DNS - Split tunneling goes hand in hand with Split DNS.

With split tunneling, you define a list of all the subnets that will reside in your tunnel. Any traffic directed at a network defined in the list will be sent down the encrypted tunnel, all others will be sent out the Internet via the ISP. Likewise Split DNS allows you to define what domains will be resolved by your internal DNS, while all others are to be sent to the ISP's DNS server(s). Depending on what you are using as your VPN server - PIX/Router/Concentrator - the technical aspects of configuring this differ...

I am using Split tunnel and everything works fine except I would like to force all the telnet sessions to go through the VPN tunnel, not to the internet and then hit the router. Currently, our routers are set up to allow only trusted IPs.

By the way, I am using PIX 515E as the VPN server. Let me know if you need more info. Thank you
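The split tunneling and split DNS behaviour described in the reply above, modelled as an added example that is not part of the original thread and is not PIX or VPN client code. The subnets, the domain and the `SplitPolicy` class are constructed for illustration; `uncovered` checks whether a netblock that must stay inside the tunnel is actually on the split-tunnel list.

```python
import ipaddress

# Constructed sample policy (assumption, not taken from the thread).
SPLIT_TUNNEL_NETS = ["10.10.0.0/16", "192.0.2.0/24"]
SPLIT_DNS_DOMAINS = ["corp.example"]


class SplitPolicy:
    """Hypothetical model of a client's split-tunnel list and split-DNS list."""

    def __init__(self, tunnel_nets, dns_domains):
        self.nets = [ipaddress.ip_network(n) for n in tunnel_nets]
        self.domains = [d.lower().strip(".") for d in dns_domains]

    def path_for(self, dest_ip):
        """Return 'tunnel' if dest_ip is inside a listed subnet, else 'internet'."""
        addr = ipaddress.ip_address(dest_ip)
        return "tunnel" if any(addr in n for n in self.nets) else "internet"

    def resolver_for(self, hostname):
        """Return 'internal-dns' for names under a split-DNS domain, else 'isp-dns'."""
        name = hostname.lower().rstrip(".")
        for d in self.domains:
            # Match on label boundaries so 'notcorp.example' is not treated
            # as part of 'corp.example'.
            if name == d or name.endswith("." + d):
                return "internal-dns"
        return "isp-dns"

    def uncovered(self, required_nets):
        """Return required netblocks not fully inside a single listed subnet."""
        missing = []
        for r in required_nets:
            req = ipaddress.ip_network(r)
            covered = any(
                req.version == n.version and req.subnet_of(n) for n in self.nets
            )
            if not covered:
                missing.append(r)
        return missing


if __name__ == "__main__":
    policy = SplitPolicy(SPLIT_TUNNEL_NETS, SPLIT_DNS_DOMAINS)
    for ip in ("10.10.5.1", "198.51.100.7"):
        print(ip, "->", policy.path_for(ip))
    print("not in tunnel:", policy.uncovered(["10.10.20.0/24", "203.0.113.0/24"]))
```

Any netblock that `uncovered` returns would leave the client over the ISP link rather than through the encrypted tunnel.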
