Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Microsoft Client VPN and Split Tunnelling - nothing works!


A question that has been asked many times before, however no solution seems to work. We are due to roll out remote access VPN to staff using (preferably) the Microsoft XP VPN client (for ease of integration and logging on), however I have been unable to get split tunnelling to work. The configuration on the ASA is as it should be, and works fine with the Cisco VPN client incidentally, but I cannot get it to work using the windows xp client. I have followed all the recommended configurations including disabling the default gateway in advanced ip settings. Is there a compatibility issue with the microsoft vpn client (L2TP) and the Cisco ASA's ?

Will we be limited to the Cisco VPN client only ?

Also - I understand the security implications with split tunnelling. All remote access will be via company supplied laptops with antivirus and mobile content filtering via surf control within the corporate LAN.

Any help will be appreciated.

Community Member

Re: Microsoft Client VPN and Split Tunnelling - nothing works!


The ASA does not support the L2TP/Windows XP VPN Client. So you will have to use the Cisco VPN Client or WebVPN.

About Split Tunnelling you don't mention any software Firewall. This is a very important step, since a Hacker could gain access to your PC via LAN or the Internet (depending on your ST configuration) and potentially use it to piggyback on to your company network. A very good idea when using ST is to force the Cisco VPN Client Integrated Firewall using the client-firewall command in group-policy mode.

CreatePlease to create content