We have a group of VPN users that is connecting to the vpn using at least Cisco VPN 5.0.01.0600 or newer. Once connected to the VPN they do not have access to the internet and we would like to keep it this way for security reason. This group of vpn users now have additional needs. This vpn group needs to stay connected to the vpn and not loose connectivity to a particular range of network internally (a peer to peer non routable address) Thru research it appears that we can specify the allowed network on the split tunnel. Our goal is to allow this group of users connectivity to the range of IP's when connecting the the VPN and to exclude the internet at large.
Does anyone have pointers for me or would know of any issues I would run into? Should I be worried about split DNS?