split tunnel pptp vpn on 7200 router

Answered Question
Apr 19th, 2010
User Badges:
I have cisco 7200 run Cisco IOS Software, 7200  Software (C7200-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE  (fc2).


I want whoever connects to the pptp VPN to be able to  access the internet at the same time. I believe that this can be  achieved by implementing split tunnel VPN. However I can not figure out  how to implement this on my 7200. All the documentations that I have  found only say how to do this on a cisco ASA.


I have been looking  at this article to help me http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a00800a393b.shtml#con4


the VPN clients will be assigned  an ip address in the range 172.16.10.0/24 to access the remote network  fo 17.16.0.0/24


Looking at the article posted above i have  created the ACL


access-list 102 permit ip 172.16.0.0 0.0.0.255  172.16.10.0 0.0.0.255


What I can not figure out is how to apply  this to my VPDN PPTP group


vpdn enable
!
vpdn-group 1
!  Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!


interface Virtual-Template1
ip  unnumbered GigabitEthernet0/2
peer default ip address pool pptp-pool
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2
!


access-list  102 permit ip 172.16.0.0 0.0.0.255 172.16.10.0 0.0.0.255



ip  local pool pptp-pool 172.16.10.1 172.16.10.254


Any help will be  appreciated


Thanks


Correct Answer by Jennifer Halim about 7 years 3 months ago

PPTP split tunnel is to be configured on the client's end. Unlike IPSec split tunnel which is performed on the head end, PPTP split tunnel is configured on the client itself.


Here is the configuration guide from the Q&A document (second last question):

http://www.cisco.com/en/US/partner/tech/tk827/tk369/technologies_q_and_a_item09186a00800946ef.shtml


Here is an article from Microsoft that supports that:

http://technet.microsoft.com/en-us/library/cc779919%28WS.10%29.aspx#w2k3tr_vpn_how_dkma


Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jennifer Halim Mon, 04/19/2010 - 04:16
User Badges:
  • Cisco Employee,

PPTP split tunnel is to be configured on the client's end. Unlike IPSec split tunnel which is performed on the head end, PPTP split tunnel is configured on the client itself.


Here is the configuration guide from the Q&A document (second last question):

http://www.cisco.com/en/US/partner/tech/tk827/tk369/technologies_q_and_a_item09186a00800946ef.shtml


Here is an article from Microsoft that supports that:

http://technet.microsoft.com/en-us/library/cc779919%28WS.10%29.aspx#w2k3tr_vpn_how_dkma


Hope that helps.

Actions

This Discussion