Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1990
Views
0
Helpful
1
Replies

why do client need server side "include-local-lan" ?

hansyin
Level 1
Level 1

‎11-12-2009 10:33 PM

I cannot fully understand this. vpn client already know its lan subnet, although it took default network from server side by mode-cfg, it can still exclude its local lan subnet by itself for encryption. Why does it need server side to configure "include-local-lan" to enable client local lan access?

for security? if server side don't have include-local-lan, then all traffic from client must go through vpn tunnel? I think client can still change its routing table to workaround this very easily after tunnel established.

Anybody can give me an idea about this?

Labels:
0 Helpful
1 Reply 1

Farrukh Haroon
VIP Alumni
VIP Alumni

‎11-23-2009 02:01 AM

Its not so easy to play around with the local routing table as the VPN client will use a virtual IP (gateway) to force traffic to it. But yes it can be done as you mentioned.

I really don't understand your 'why' question. Is it practical to hack the routing table of the client everytime you want to do local LAN access?

Regards

Farrukh

0 Helpful
Customers Also Viewed These Support Documents