Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Remote Access & Split Tunnels

How safe is split tunneling a remote access vpn client The tunnel is termined on a ASA 5520 7.2. Management wants the webfiltered for remote users, we have a websense remote server in the dmz and a websense client on the laptops. I always thought split tunnels can pose a security risk.


Re: Remote Access & Split Tunnels

I my opionion I agree - if the remote users does not have an adequate firewall and AV, this poses a risk. They have access to the internet, while still connected to the network. If you are not using the built in firewall in the Cisco Client to limit traffic in/out - you might consider this.

I would however downgrade to version 4.8 straight away - I have read no end of comments from users in the forums about ver 5.x - flaky and just not ready. 4.8 stable - I have been running this on over 2000+ laptops with no issues for the last 1+ years.

What I generally do is tunnel all - and filter on the VPN device or second layer firewall. If you have WebSense - even better. Tunnel all and pass the web traffic into the DMZ for classification.

CreatePlease to create content