Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

How to allow remote VPNClient using local resources while connected?

Our main office has just upgraded to Cisco PIX 515E and we have setup some users using VPNClient from our remote sites to the main office. The remote users using this VPNClient without any problem. However, when they are connected to the main office using this VPNClient connection, their local LAN connection will be disconnected so that they couldn't use their remote printers, file sharing, etc.

After going through the help menu from the VPNClient software, I understand that when the 'Allowing Local LAN access parameter' is enabled in both VPNClient and Cisco PIX 515E, I can access the local resources while connected.

Could you please show me step-by-step configuration on both client and central site device, or give me a pointer for the setup guide.

Thank you in advance

3 REPLIES
New Member

Re: How to allow remote VPNClient using local resources while co

I just read in this forum that the 'Allow Local LAN access'-parameter doesn't have any effect with the PIX so you'll have to forget about that option.

You need to use split-tunneling, include all ranges used in the main office which should be accessible for the clients:

access-list split_tunnel_acl permit ip MAINOFFICE-NET1 255.255.255.0 any

access-list split_tunnel_acl permit ip MAINOFFICE-NET2 255.255.255.0 any

vpngroup split-tunnel split_tunnel_acl

It does mean any other traffic will be sent out unencrypted, you can prevent this from happening by using appropriate access-lists.

New Member

Re: How to allow remote VPNClient using local resources while co

Hi,

If I using Microsoft VPN and configure vpdn for PIX, is that any way to configure split tunnel?

regards,

bhteoh

New Member

Re: How to allow remote VPNClient using local resources while co

You can do it, but only from the client side. Right-click on the dialup connection and left-click on properties. Under networking> Internet Protocol> Properties> Advanced> General Tab, unclick "use default gateway on remote network"

226
Views
0
Helpful
3
Replies
CreatePlease to create content