dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
597
m1979
join:2011-04-17

m1979

Member

Split tunneling ?

I configured EasyVPN on my 877w router. It works fine, I can vpn and can ping all devices on LAN..

1. Without split tunneling I cannot access the Inernet... Why doesn't it work when I vpn? dont know? Internet traffic should go through my Cisco router? I have read it might be sth with NAT?

2. When I implement split tunneling, I can access the Internet but cannot ping anything on LAN?

I configured it like this:
crypto isakmp client configuration group VPN_GROUP
 acl 150
 
access-list 150 permit ip 192.168.250.0 0.0.0.255 any
 

When I try to tracert from a CLient to LAN, it goes to the Internet default gateway?

192.168.250.x is a pool for my vpn clients. Any hints? reverse-route is present... Am I missing anything guys?
m1979

m1979

Member

Found the answer for the second issue:
ACL should permit LAN IP addressing, not the VPN pool

Any ideas about issue number 1?
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to m1979

MVM

to m1979
Would help to post a copy of your config -- minus passwords / sensitive info -- for review.

Regards