Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Split tunnel issue

Hi All;

I have enabled split tunneling on my router but still remote clients are not been able to access internet attached is the running of my router


Re: Split tunnel issue

In PIX version 7.x, the split tunneling Access Control List (ACL) is now a standard list. The addresses in this list are the local networks only (local to the PIX) and not the client pool. The commands appear similar to this:

access-list split standard permit

group-policy vpn internal

group-policy vpn attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value split

Note: You must meet these conditions to implement split tunneling for Microsoft XP clients:

* Set the split tunneling policy to only tunnel networks in the list.

* Configure network lists and default domain names in the Common Client Parameters section of this window.

* Change the default setting on the client PC's Internet Protocol (TCP/IP) Properties window. Select Control Panel > Network Connections > VPN > VPN Properties > Networking > Internet Protocol (TCP/IP) > Properties and go to the Internet Protocol (TCP/IP) Properties window. Then choose Advanced and uncheck the box.

Note: If you enable both split tunneling and individual user authentication for a VPN 3002 Hardware Client, you must authenticate only when sending traffic bound for destinations on the other side of the IPsec tunnel.

CreatePlease login to create content