Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Web traffic while VPN is connected

I have some users that now want to be able to surf the web through their local connection at the same time the VPN client is connected to our concentrator. I thought this was a simple routing or DNS issue, but it is turning out to be more of a challenge.

Does anyone have any info on how to allow a client that is connected to VPN to also surf the web. Yes, we have tried enabling "Allow Local LAN Access" and that doesn't help. If there truly isn't an easy way of doing this, looks like I'm going to have to add some more static routes here and there. Thanks all.

3 REPLIES
Cisco Employee

Re: Web traffic while VPN is connected

Hello,

This configuration is called split-tunneling. Split-tunneling allows VPN Clients secure access to corporate resources via IPsec while giving unsecured access to the Internet.

Please review this link for details on the configuration process.

Split Tunneling for VPN Clients on the VPN 3000 Concentrator Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00806f34fa.shtml

Hope that helps! If so, please rate.

Thanks

Re: Web traffic while VPN is connected

Hi,

What you need is to disable split tunneling. Enabling split tunneling means all traffic from vpn client to VPN3K and vice-versa must go through encrypted IPSec tunnel. Disabling it will allow your client to access HQ network, and access internet at the same time. This requires you to specify what subnet(s) need to pass through the tunnel while allowing others to go outside the tunnel, and direct to your internet router or internet.

BTW, I assumed split tunneling is enabled. That's why you can't surf the internet when connecting to the VPN. In your case, there is no option in your VPN Client to enable/disable split tunneling. All is controlled by the Concentrator.

Check your VPN Concentrator settings on Group or User. You can play around (enable/disable) with split tunnelling option from the Group or User setting depening on your requirement. But Group settings is more preferred than individual users.

Check the Group or User configuration option, and look for Split Tunneling Policy under Client Configuration Parameters Tab.

- Group Configuration

Configuration | User Management | Groups | Add or Modify, Client Configuration Tab

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00801f1df7.html#wp1767819

- User Configuration

Configuration | User Management | Base Group, Client Configuration Parameters Tab

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00801f1df7.html#wp1757065

Rgds,

AK

New Member

Re: Web traffic while VPN is connected

Hmm... I thank both of you for your comments. I think the answer lies in split tunneling. One answer says to turn it off. One says to turn it on. Right now, I do not have it turned on so I will try and turn it on. Thanks.

443
Views
0
Helpful
3
Replies
CreatePlease to create content