Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX 6.3 Split tunneling to specific internet hosts

I asked this question before and thought I had it straight, but having tried the suggested solution it is not working.

Is it possible to allow Cisco VPN clients access to only certain internet IP addresses through split tunneling? I have tried using the split tunnel ACL:

access-list split_tunnel deny host x.x.x.x (internet host x)

access-list split_tunnel deny host y.y.y.y (internet host y)

access-list split_tunnel permit 0.0.0.0 0.0.0.0 (tunnel everything else)

This doesn't appear to work. Is this possible and any other suggestions?

Thanks

1 REPLY

Re: PIX 6.3 Split tunneling to specific internet hosts

I have not tested this, but I am pretty sure it will not work since the split tunnel list will just check for the ip address definition and not the action of the actual list.

139
Views
0
Helpful
1
Replies
CreatePlease to create content