I will upgrade a PIX 6.3 to a PIX 7.2.
Current behavior (with PIX 6.3) is that none of the remote VPN users clients connecting to the PIX can access the internet since split tunneling is disable.
But once the upgrade is completed, the customer requires that a new group of users VPNing the network be able to go back to the internet.
Therefore, I would like to know if it is feasible to have 2 vpn profiles where in profile A, its users vpn the network and only be granted access to the internal LAN (no internet whatsoever) whereas for profile B, its users can access LAN and access internet too.
Your thoughts are more than welcome.
Thanks in advance, JB