Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
0
Helpful
5
Replies

Allowing Internet Access through SSL VPN (WebVPN)

Go to solution
nshoe18
Level 1
Level 1

‎07-29-2010 06:56 AM

I have my ssl vpn working on my 1821 router. I login and can move through my internal network. However when I am connected I cannot browse Internet web pages....looks like maybe a DNS issue? when I try to ping it looks like it resolves the name just does not pass any traffic.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎07-29-2010 07:02 AM

Are you trying to tunnel all the internet traffic through the SSL VPN as well, or you are doing split tunneling?

For split tunneling, here is the sample config:

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htwebvpn.html#wp1056267

(you would need to add the "svc split include ")

Hope that helps.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎07-29-2010 07:02 AM

Are you trying to tunnel all the internet traffic through the SSL VPN as well, or you are doing split tunneling?

For split tunneling, here is the sample config:

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htwebvpn.html#wp1056267

(you would need to add the "svc split include ")

Hope that helps.

0 Helpful

Go to solution
nshoe18
Level 1
Level 1
In response to Jennifer Halim

‎07-29-2010 07:13 AM

I am actually just trying to allow users who are connected through the ssl tunnel to be able to browse internet websites. Currently internal uses can browse fine and ssl clients can browse internal network with no issues they just cannot get to the internet through the ssl tunnel.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to nshoe18

‎07-29-2010 07:16 AM

Easiest is to configure split tunneling as per advised earlier:

For split tunneling, here is the sample config:

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htwebvpn.html#wp1056267

(you would need to add the "svc split include ")

I assume that you already configure NAT exemption for traffic between the internal subnet and the ssl vpn pool subnet.

0 Helpful

Go to solution
rahgovin
Level 4
Level 4
In response to nshoe18

‎07-29-2010 07:18 AM

when you configure split tunneling, only traffic destined to your internal networks will be tunneled through the ssl vpn. All other traffic will be passed through your clients normal internet connection. So when a client is connected to ssl vpn with split tunneling he will be able to get to the internet as he normally does.

Please follow the steps given by halijenn for split tunneling.

0 Helpful

Go to solution
nshoe18
Level 1
Level 1
In response to Jennifer Halim

‎07-29-2010 11:38 AM

That all worked perfectly thank you. Now I just have to get Windows 7 to work with the SSL and all is good.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents