ACS Downloadable access list with PIX

Unanswered Question
Jun 27th, 2007


We have deployed ACS 1113 with 4.1 version recently in our network.

I had configured downloadable access list in ACS for remote VPN users.

But when user connects to and authenticate to ACS then the user is not able to browse internet from his PC.

Earlier user were able to access internet as split tunnel was configured in PIX.

Can we configure something similar to spilt tunnel fuctionality in ACS, so that VPN user keep will have access to internet while connected on VPN.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Premdeep Banga Wed, 06/27/2007 - 04:25


I think this might not be possible on PIX, but should be on IOS.

What you can do is, configure split tunneling, and keep it wide open, and then using DACL's restrict access.

By the way what is the version of PIX that we have, I'll look into it. Let me see it for sure.



kashyapkamal Thu, 06/28/2007 - 00:05


1) 6.3 is running in PIX.

2) If i use spilt tunnel, then DACL does'nt work. Remote gets access which is allowed in access list of spilt tunnel.

If won't got your point then please get reply with little bit more detail..




This Discussion