Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Will routes to other nets be lost when use vpn client?

I have a very general question. I am planning to implement a security solution for extranet partners to log into our intranet using VPN client. IPSec will be terminated on the external interface of the Cisco PIX firewall v6.3.

Now my consirn is, I have downloaded the vpn client for testing but I have not seen any advance settings on defining to which network traffic will pass through the IPSec tunnel and which will be routed normally. Is ti by default all traffic going through VPN? Does that mean if other networks exist using their default route, they will not be able to reach them? (i.e. browse the internet).

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Will routes to other nets be lost when use vpn client?

That would depend on how you configure the PIX. You can allow the VPN to your site and access to the Internet at the same time. This is called split tunneling. It is configurable on the PIX, not the client.

This link might help you to get started but I am sure there are better links out there.

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_command_reference_chapter09186a00800ec9ec.html

2 REPLIES

Re: Will routes to other nets be lost when use vpn client?

That would depend on how you configure the PIX. You can allow the VPN to your site and access to the Internet at the same time. This is called split tunneling. It is configurable on the PIX, not the client.

This link might help you to get started but I am sure there are better links out there.

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_command_reference_chapter09186a00800ec9ec.html

New Member

Re: Will routes to other nets be lost when use vpn client?

Excellent. This seems to do the job. Now I came accrossed another problem.

My default pool is defined as:

ip local pool IP_POOL 10.10.10.10-10.10.10.19

The client gets the following ip:

C:\Documents and Settings\test\Desktop>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : test.com

IP Address. . . . . . . . . . . . : 10.17.79.3

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . : 10.1.111.222

Ethernet adapter Local Area Connection 5:

Connection-specific DNS Suffix . : vpn.test

IP Address. . . . . . . . . . . . : 10.10.10.10

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

Browsing the internet works fine. But accessing other parts on the intranet does not work.

76
Views
0
Helpful
2
Replies
CreatePlease login to create content