Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

PIX split tunnel

I'm implemented a split tunnel (thanks to several posts here) and it works great. But now it seems I've lost the ability to use a static route I have defined (see below). With the split tunnel enabled I am no longer able to get to the devices on the other side of when connected via vpn.

route inside xx.xx.xx.0 1

Cisco Employee

Re: PIX split tunnel

What is your split-tunnel acl? What networks are you trying to reach? Do they have a route back to the VPN Pool that you are assigning to your clients?

New Member

Re: PIX split tunnel

Below is the ACL. I'm trying to reach the 10.220.101 network which is on the other side of the router. This all works without split tunneling.

access-list 80 extended permit ip any

Cisco Employee

Re: PIX split tunnel

Your split-tunnel ACL works better if it is a standard acl, so suppose you need to get to the network, your split-tunnel acl should be:

access-list split_tunnel standard permit

Add networks to this ACL as needed.

New Member

Re: PIX split tunnel

That is what I was missing! Thanks.

CreatePlease to create content