Need to disable split tunneling from a VPN client connection.

Unanswered Question
Jul 29th, 2003
User Badges:

I am using pix firewall version 6.2 and VPN client configuration with VPN client software version 2. When I open the tunnel, the VPN client is able to communicate to the enterprise network but also at the same time can surf the internet. I need to disable split tunneling but in the VPN client software there´s no option to do so. Regarding documentation, I found there´s a method but for VPN client 3.5 software or earlier version and my PIX firewall configuration looks like that one used for VPN client version 1.1.

What can I do to disable split tunneling using the same software I have, I mean, only using configuration.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jackko Tue, 07/29/2003 - 14:57
User Badges:
  • Gold, 750 points or more

create another vpngroup; group1 enable split tunneling; group2 disable split tunneling

sguerrero Wed, 07/30/2003 - 15:09
User Badges:

It is not very clear for me your suggestion. . Here´s the configuration I have:

access-list 101 permit ip

ip local pool test

nat (inside) 0 access-list 101

crypto dynamic-map dynmap 15 set transform-set myset

crypto map mymap 5 ipsec-isakmp

crypto map mymap 5 set transform-set myset

crypto map mymap 15 ipsec-isakmp dynamic dynmap

crypto map mymap client configuration address initiate

crypto map mymap client configuration address respond

crypto map mymap interface outside

isakmp enable outside

isakmp key ***** address netmask

isakmp identity address

isakmp client configuration address-pool local test outside

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 1

isakmp policy 10 lifetime 3600

isakmp policy 10 authentication pre-share

What should I change here related to the group? I only have 1 group created and want to disable split tunneling for whomever in this group.

Thanks for any comment.

jmondaca Mon, 08/04/2003 - 07:45
User Badges:

You have to disable the split-tunnel in the vpngroup

Hope it Helps.



This Discussion