I have configured the ASA5510,configured for the IPSec Remote Access.Now in the remote PC I have loaded and configured the Cisco VPN client and configured also.
Now i am getting connected to the mai site through teh IPSec VPN,and the remote PC also getting the IP address,and able to access teh ain site inside network.Now the remote PC user wants the Internet access also simultaneously.For which I have to enable the split tunnel.How to do this?If I enable the Split tunnel....then accessing the internet from the Remote PC How tthe internet traffic will flow?
You do not realy have to provide split tunnel if you want RA clients to use your internet via the ASA while VPN into your network personally I do not recommended unless is necessary. With split tunnel simply the intenet traffic will not cross the IPsec tunnel but rather will be handle by the users regualr internet traffic , RA VPN users internet flow simply does not cross your Firewall.
On the other hand if you want to have more control of RA VPN users internet access you can configure your RA tunnel group as full tunnel, thus the internet traffic flow RA users will be handled in/out through the ASA applience.
Thanks a lot....It helped me a lot.....Now I can create a split tunnel....through split tunnel I able to access the Skype (Through my LAN gateway),DNS and resolving,telnet yahoo.com 80 is giving me a connectivity.....Tracert yahoo.com....very rarely shows the first hop as my LAN gateway.....most of the time does not show the first hop....
very few times I was able to browse the internet....most of the time not able to connect to the internet....but always I am able to connect to Skype for chat....
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...