Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

specify local routes using split tunneling?

I have a cisco 1721 running 12.4 terminating a ras vpn and have gotten it working, using split tunneling. However, Is there a way to specify which routes will be considered "local". Forexample, if I simply activate include local lan, only that subnet will be treated as local. I want to be able to have internet traffic also go thru the vpn. My issue is that if I am connecting via the vpn and I need access to local resources on other subnets(like a larger company that has PCs on one subnet, servers on another, etc), but still have access to my remote network and have internet traffic tunneled accross the vpn, without having to explicitly add all internet class A routes as well as secured routes in the split tunnel ACL. I tried using deny statements in the split tunnel ACL however that did not work, as it treated the denys as permits. Is this doable and if so, how? I already have everything else working, as far as internet traffic flowing thru the vpn.

New Member

Re: specify local routes using split tunneling?

Please let me know if you get this working. I have the same issue on a 2811 ver 12.4.13b. I a convienced that a "deny" statement on a EZVPN group ACL really messes things up.

New Member

Re: specify local routes using split tunneling?

Did anyone of you get a work around to this? i'm trying do route certain internet traffic through our main site. I have two sites connected via ezvpn server using asa 5505's.

CreatePlease to create content