Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Split Tunneling

I am not really sure if I am getting split tunneling right. If split tunneling is enable on my PIX for the VPN clients. Then all the traffic from that client site to the public network (internet) will not pass the ipsec tunnel but go thru the clients network right? and if it is disable then the traffic to the internet will pass the tunnel. which means access to internet will be from my pix firewall i.e the client will utilize our bandwidth to surf the network. and will be decrease the throughput.

how this helps......both security and thruput can some 1 explain ...Thanks


Re: Split Tunneling

You have got the split tunneling right, but with out it users will not beable to browse the internet because the PIX does not allow packets to come in one interface and then go out that same interface.

Hope this helps...

New Member

Re: Split Tunneling

Thanks Mike

if PIX does not allow client to browse internet when split tunneling is disabled. Will that stil create load on the VPN headend.


Re: Split Tunneling

I would not think so. I don't know what kind of PIX your using and how many VPN peers it can have but It should be just like anything else going up against the ASA and being dropped.

Anyone else have any insight on this one?