Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
268
Views
0
Helpful
1
Replies

VPN Client split-tunnelling Question

OHITS-OPS
Level 1
Level 1

‎06-22-2006 06:10 AM - edited ‎02-21-2020 02:29 PM

Hello everyone,

Can someone please tell me if there are security issues with split-tunnelling in relation to vpn clients.

For instance I have several users who use the vpn client to connect to the work office and also they browse the internet from their home machines whilst connected to the work office using the vpn client.

Do you suggest that I take out the split-tunnel command from the pix configuration? What I have noticed on the vpn client side, under the status|statistics tab is that when browsing the internet whilst connected to the work office via the vpn client there are a lot of 'bypass counts'.

Is this an indication that the vpn client is not allowing unencrypted traffic to get to the work office and is only allowing communication (encrypted) between the vpn client and work office PIX.

Are there any security concerns on having split-tunnelling enabled, will my work office be compromised??

Will be most grateful if someone could give me some answers.

Thank you.

Labels:
0 Helpful
1 Reply 1

grant.maynard
Level 4
Level 4

‎06-22-2006 06:30 AM

In theory there is a risk with split tunneling because you are connected simultaneously to the internet and the office. If you are hacked from the internet and you have a vpn open to the office....

I recommend disabling split tunneling.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents