I have a VPN 3000 that I have on the network, but the option that allows us to only tunnel networks in the list doesn't respond the way it should. I have it enabled and it's not inheriting from the base group, but if I try to run a traceroute to the Internet, my info is still being tunneled through the VPN and not being rerouted to my remote network. Do I need to restart my VPN after making such a change? Or has anyone else had this problem?
Create a network list of addresses to tunnel (Configuration | Policy Management | Traffic Management | Network Lists). Then select this network list from the Split Tunneling Network List menu. Data to these addresses is sent to the concentrator over the secure IPSec tunnel in encrypted form.
I already had the network list created, but I believe the problem that I'm having is twofold. If I remove the option in the Windows VPN configuration that disallows the use of the remote network gateway, I can access my LAN, but the device cannot find stations on the other end of the tunnel, so it connects but it's useless, because if I try a simple ping it goes out my gateway and doesn't traverse the tunnel. If I use the remote gateway, I can access the remote LAN, but all Internet traffic then gets pushed to the remote LAN and gets killed by the ISA server because of policy restrictions, so I'm either tunneling everything or nothing.
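The three outcomes described in this thread (tunnel nothing, tunnel everything, tunnel only the listed networks) come down to which route the client selects for each destination. The following is an added illustration, not part of any post above and not Cisco or Windows code: a simplified longest-prefix-match model in which all addresses, interface names and metrics are constructed assumptions.

```python
import ipaddress

def pick_route(routes, dest):
    """Return the egress interface chosen by longest-prefix match.
    Ties on prefix length are broken by the lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in routes if ip in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    prefix, iface, metric = max(
        matches, key=lambda r: (ipaddress.ip_network(r[0]).prefixlen, -r[2])
    )
    return iface

# Constructed addressing (assumptions, not values from the thread).
LOCAL_LAN = "192.168.1.0/24"
REMOTE_LAN = "10.20.0.0/16"   # stands in for the split-tunnel network list

# Routes are (prefix, interface, metric).
# Remote-gateway option off and no tunnel routes installed: tunnel nothing.
LOCAL_ONLY = [("0.0.0.0/0", "local-gw", 20), (LOCAL_LAN, "local-lan", 10)]
# Remote-gateway option on: a preferred default route via the tunnel.
FULL_TUNNEL = LOCAL_ONLY + [("0.0.0.0/0", "tunnel", 1)]
# Split tunneling: only the listed network is routed into the tunnel.
SPLIT_TUNNEL = LOCAL_ONLY + [(REMOTE_LAN, "tunnel", 1)]

PROBES = {
    "remote_host": "10.20.5.10",
    "internet": "203.0.113.80",   # documentation range (RFC 5737)
    "local_host": "192.168.1.50",
}

def egress_report(routes):
    """Map each probe destination to the interface it would leave on."""
    return {name: pick_route(routes, ip) for name, ip in PROBES.items()}

if __name__ == "__main__":
    tables = (("local only", LOCAL_ONLY), ("full tunnel", FULL_TUNNEL),
              ("split tunnel", SPLIT_TUNNEL))
    for label, table in tables:
        print(label, egress_report(table))
```

Comparing the client's actual routing table after connecting against the split-tunnel row shows whether routes for the network list were installed at all.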