×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

VPN Client split-tunnelling Question

Unanswered Question
Jun 22nd, 2006
User Badges:

Hello everyone,


Can someone please tell me if there are security issues with split-tunnelling in relation to vpn clients.


For instance I have several users who use the vpn client to connect to the work office and also they browse the internet from their home machines whilst connected to the work office using the vpn client.


Do you suggest that I take out the split-tunnel command from the pix configuration? What I have noticed on the vpn client side, under the status|statistics tab is that when browsing the internet whilst connected to the work office via the vpn client there are a lot of 'bypass counts'.


Is this an indication that the vpn client is not allowing unencrypted traffic to get to the work office and is only allowing communication (encrypted) between the vpn client and work office PIX.


Are there any security concerns on having split-tunnelling enabled, will my work office be compromised??


Will be most grateful if someone could give me some answers.


Thank you.




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
grant.maynard Thu, 06/22/2006 - 06:30
User Badges:
  • Silver, 250 points or more

In theory there is a risk with split tunneling because you are connected simultaneously to the internet and the office. If you are hacked from the internet and you have a vpn open to the office....

I recommend disabling split tunneling.

Actions

This Discussion