specify local routes using split tunneling?

Unanswered Question
Oct 12th, 2007

I have a Cisco 1721 running 12.4 terminating a RAS VPN and have gotten it working, using split tunneling. However, is there a way to specify which routes will be considered "local"? For example, if I simply activate include local LAN, only that subnet will be treated as local. I want to be able to have internet traffic also go thru the VPN. My issue is that if I am connecting via the VPN and I need access to local resources on other subnets (like a larger company that has PCs on one subnet, servers on another, etc.), but still have access to my remote network and have internet traffic tunneled across the VPN, without having to explicitly add all internet class A routes as well as secured routes in the split tunnel ACL. I tried using deny statements in the split tunnel ACL; however, that did not work, as it treated the denys as permits. Is this doable and if so, how? I already have everything else working, as far as internet traffic flowing thru the VPN.

ddaugherty1264 Mon, 10/22/2007 - 12:10

Please let me know if you get this working. I have the same issue on a 2811 ver 12.4.13b. I am convinced that a "deny" statement on an EZVPN group ACL really messes things up.

jharris2006 Tue, 04/15/2008 - 23:07

Did any of you get a workaround to this? I'm trying to route certain internet traffic through our main site. I have two sites connected via EZVPN server using ASA 5505s.

