Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
504
Views
0
Helpful
7
Replies

PIX 501 VPN

aseychell
Level 1
Level 1

‎03-06-2006 02:58 AM - edited ‎02-21-2020 02:17 PM

Hi there,

I have a PIX 501 connected to the internet which is currently on the edge of the network. I have a client to which I want to connect using VPN so when PC on my network side request a particular IP, traffic passes through th tunnel. The other company sent me theit VON settings and I was able to configure them in the PIX using the Easy-VPN Remote wizard. The tunnel came up ok but all the other internet traffic stopped working. I had to remove the tunnel for the internet to work again. Is this something normal or am I mistaken in using something which I shouldnt?

Labels:
0 Helpful
7 Replies 7

jackko
Level 7
Level 7

‎03-06-2006 09:06 PM

split tunneling needs to be configured on the server end.

0 Helpful

aseychell
Level 1
Level 1
In response to jackko

‎03-06-2006 11:39 PM

So the internet cannot be accessed from my tunnel side? I have to use the internet at the main office?

0 Helpful

jackko
Level 7
Level 7
In response to aseychell

‎03-07-2006 01:09 AM

no, it means that split tunneling needs to be configured on the server end.

split tunneling enables the hardware client to be able to determine what sort of traffic should traverse the vpn and what not.

0 Helpful

killroy
Level 1
Level 1
In response to aseychell

‎03-09-2006 06:54 AM

If Im understanding this right you connect pix to a concentrator using Easy vpn. Then the concentrator must be configured with split tunneling

Configuration / User management / Groups / Modify XXX / Split tunneleling Policy.

There you can choose: "Tunnel everything" or "Only tunnel networks in the list"

You have a description what to do when you get there.

Hope this helps

0 Helpful

killroy
Level 1
Level 1
In response to aseychell

‎03-09-2006 06:57 AM

If Im understanding this right you connect pix to a concentrator using Easy vpn. Then the concentrator must be configured with split tunneling

Configuration / User management / Groups / Modify XXX / Split tunneleling Policy.

There you can choose: "Tunnel everything" or "Only tunnel networks in the list"

You have a description what to do when you get there.

Hope this helps

0 Helpful

rmotzer
Level 1
Level 1
In response to killroy

‎07-05-2007 04:29 PM

According to step #6 in this document:

http://www.cisco.com/en/US/partner/tech/tk583/tk372/technologies_configuration_example09186a00800945cf.shtml

Split-tunneling cannot be specified the normal way in the concentrator for EasyVPN.

I have not found any docs on CCO to explain how this is done, although the above doc says it is suppported...

0 Helpful
Customers Also Viewed These Support Documents