I've seen another note already in this forum for tunnelling both internet/corporate traffic through the VPN concentrator using split tunneling, however how can I make sure only corporate traffic is passed through the VPN box and internet traffic is passed through the local isp ?
Currently, once connected via the VPN Client, I can only get into the internal network not out to the internet. Thanks.
A little clarity on your question please? It seems as though you are describing split tunneling as have both Internet and LAN traffic going through the concentrator. Thi is the exact opposite of split tunneling. That is "Tunnel Everything" mode. If you check on the concentrator under Configuration, User Management, Groups then slect the group you want to allow split tunneling for, click Modify Group and go under the mode config tab you shold see where you can set up your split tunnel policy. The navigation may be a litlle different depending on what version software you are running on the concentrator. FYI, Cisco recommends that you not allow split tunneling if you want the highest level of secutiy. I noticied you said that once connected your VPN clients can't get back out to the Internet. Do you have a tunnel default gateway set on your Concentrator? It should be the same as the default gateway for you LAN. Perhaps you can try this first and if your users can still get to the Internet when connected to the VPN you can let that be your setup since this is more secure .
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :