What do you have to add on the PIX so that clients can access the outside (internet) when the clients are only setup for IPSec so that clients on the Outside interface can access them using the VPN client? Does anyone have any ideas - ?
Youll have to place a router on the INSIDE network that is the default gateway of the VPN clients. That routers gateway will be the PIX inside interface and the PIX must be setup for NAT and outbound connectivity.
If you are just talking about your IPsec clients being able to access the Internet and the Internal LAN at the same time when they are VPN'd into the network, then the split tunneling command should work for you....
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...