cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
326
Views
0
Helpful
2
Replies

specify local routes using split tunneling?

ryancolson
Level 1
Level 1

I have a cisco 1721 running 12.4 terminating a ras vpn and have gotten it working, using split tunneling. However, Is there a way to specify which routes will be considered "local". Forexample, if I simply activate include local lan, only that subnet will be treated as local. I want to be able to have internet traffic also go thru the vpn. My issue is that if I am connecting via the vpn and I need access to local resources on other subnets(like a larger company that has PCs on one subnet, servers on another, etc), but still have access to my remote network and have internet traffic tunneled accross the vpn, without having to explicitly add all internet class A routes as well as secured routes in the split tunnel ACL. I tried using deny statements in the split tunnel ACL however that did not work, as it treated the denys as permits. Is this doable and if so, how? I already have everything else working, as far as internet traffic flowing thru the vpn.

2 Replies 2

ddaugherty1264
Level 1
Level 1

Please let me know if you get this working. I have the same issue on a 2811 ver 12.4.13b. I a convienced that a "deny" statement on a EZVPN group ACL really messes things up.

Did anyone of you get a work around to this? i'm trying do route certain internet traffic through our main site. I have two sites connected via ezvpn server using asa 5505's.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: