split tunnel pptp vpn on 7200 router

Answered Question
Apr 19th, 2010
I have cisco 7200 run Cisco IOS Software, 7200  Software (C7200-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE  (fc2).

I want whoever connects to the pptp VPN to be able to  access the internet at the same time. I believe that this can be  achieved by implementing split tunnel VPN. However I can not figure out  how to implement this on my 7200. All the documentations that I have  found only say how to do this on a cisco ASA.

I have been looking  at this article to help me http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a00800a393b.shtml#con4

the VPN clients will be assigned  an ip address in the range 172.16.10.0/24 to access the remote network  fo 17.16.0.0/24

Looking at the article posted above i have  created the ACL

access-list 102 permit ip 172.16.0.0 0.0.0.255  172.16.10.0 0.0.0.255

What I can not figure out is how to apply  this to my VPDN PPTP group

vpdn enable
!
vpdn-group 1
!  Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!

interface Virtual-Template1
ip  unnumbered GigabitEthernet0/2
peer default ip address pool pptp-pool
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2
!

access-list  102 permit ip 172.16.0.0 0.0.0.255 172.16.10.0 0.0.0.255


ip  local pool pptp-pool 172.16.10.1 172.16.10.254

Any help will be  appreciated

Thanks


I have this problem too.
0 votes
Correct Answer by Jennifer Halim about 6 years 7 months ago

PPTP split tunnel is to be configured on the client's end. Unlike IPSec split tunnel which is performed on the head end, PPTP split tunnel is configured on the client itself.

Here is the configuration guide from the Q&A document (second last question):

http://www.cisco.com/en/US/partner/tech/tk827/tk369/technologies_q_and_a_item09186a00800946ef.shtml

Here is an article from Microsoft that supports that:

http://technet.microsoft.com/en-us/library/cc779919%28WS.10%29.aspx#w2k3tr_vpn_how_dkma

Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jennifer Halim Mon, 04/19/2010 - 04:16

PPTP split tunnel is to be configured on the client's end. Unlike IPSec split tunnel which is performed on the head end, PPTP split tunnel is configured on the client itself.

Here is the configuration guide from the Q&A document (second last question):

http://www.cisco.com/en/US/partner/tech/tk827/tk369/technologies_q_and_a_item09186a00800946ef.shtml

Here is an article from Microsoft that supports that:

http://technet.microsoft.com/en-us/library/cc779919%28WS.10%29.aspx#w2k3tr_vpn_how_dkma

Hope that helps.

Actions

This Discussion