I am trying to let the remote pc access the internet via w/o tunneling the traffic to the PIX and tunnel only traffic to the PIX destined for the LANs behind it.
I am confused on the use of the splt tunnel acl and if there is a need for client configuration address initiate command. With the current config, it looks like all traffic is being tunneled. I can access the LANs behind the pix but not the internet.
Below is the relevant config. The client local LAN segments are the 10.81.129.. 10.71.129.. and 10.81.160...
access-list split-tunnel permit ip any 10.0.0.0 255.0.0.0
access-list nonat permit ip 10.81.129.0 255.255.255.0 10.81.161.0 255.255.255.0
access-list nonat permit ip 10.71.129.0 255.255.255.0 10.81.161.0 255.255.255.0
access-list nonat permit ip 10.81.160.0 255.255.255.0 10.81.161.0 255.255.255.0
ip local pool pix-vpnclient-pool 10.81.161.10-10.81.161.254 mask 255.255.255.0
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...