Allowing VPN Client access to internet without split tunneling

Unanswered Question
Jul 29th, 2008
User Badges:

Hi, I'm trying to setup my pix515E ver. 8.0 to allow access to internet without using split tunnel. I am able to get connected, but unable to do anything else. Any help will be appreciated. I did try the vpn on a stick, but no luck. Also, tried some of the other fixes that worked for others. Config attached.

Thanks in Advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Tue, 07/29/2008 - 12:26
User Badges:
  • Green, 3000 points or more

Is the only problem the vpn on a stick, or the vpn is not working at all?

You don't need the outside access list for the vpn traffic since you most likely have sysopt connection permit-vpn, which is enabled by default.

Hairpinning configuration looks ok.

Are vpn clients getting a dns server address?

group-policy DCPDS_SOA attributes

dns-server none

techiegrl Tue, 07/29/2008 - 12:34
User Badges:

Yes, the vpn clients are getting through and getting the test banner, but for some reason when I add the DNS that we use for outside it does not work. THanks.


This Discussion