07-21-2014 06:58 AM - edited 02-21-2020 07:44 PM
We have a Cisco 515 configured for L2TP over IPsec VPN.
Once connected we cannot browse the internet, but we can ping the internal network fine. If "send all traffic through gateway" is ticked on the client, we still have the same issue.
We have a flat network so just firewall - layer 2 switches and a DHCP server is plugged into a switch.
VPN config from the switch:
group-policy MyGroup internal
group-policy MyGroup attributes
 wins-server value 192.168.120.3 192.168.120.4
 dns-server value 192.168.120.3 192.168.120.4
 vpn-simultaneous-logins 30
 vpn-session-timeout none
 vpn-tunnel-protocol IPSec l2tp-ipsec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value split-tunnel
 default-domain value my.domain.com
group-policy filter internal
group-policy filter attributes
tunnel-group MyGroup general-attributes
 authentication-server-group vpn-auth
 default-group-policy MyGroup
 dhcp-server 192.168.120.4
tunnel-group MyGroup ipsec-attributes
tunnel-group MyGroup ppp-attributes
 no authentication chap
 authentication ms-chap-v2
07-21-2014 09:02 AM
Hi,
Can you try changing the group-policy to tunnel all instead of tunnel specified in split-tunnel-policy?
Regards
Karthik
07-21-2014 10:12 AM
Thanks for pointing me in the right direction:
http://blog.soundtraining.net/2013/03/how-to-configure-split-tunneling-on.html
conf t
group-policy DefaultRAGroup attributes
split-tunnel-policy tunnelspecified
did the trick
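Added example, not part of the thread: a small Python audit that reads a pasted ASA/PIX configuration and reports, for each tunnel-group, which group-policy it uses, the effective split-tunnel-policy, and whether the referenced network list exists. The sample config is constructed from the lines quoted above; the DefaultRAGroup tunnel-group lines and the function name are assumptions.

```python
# Constructed sample: lines from the thread plus an assumed DefaultRAGroup tunnel-group.
SAMPLE_CONFIG = """\
group-policy MyGroup internal
group-policy MyGroup attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split-tunnel
group-policy DefaultRAGroup attributes
split-tunnel-policy tunnelspecified
tunnel-group MyGroup general-attributes
default-group-policy MyGroup
tunnel-group DefaultRAGroup general-attributes
default-group-policy DefaultRAGroup
"""

def audit_split_tunnel(config):
    """Map each tunnel-group to its group-policy, split-tunnel policy, ACL and issues."""
    acls, policies, tunnels, section = set(), {}, {}, None
    # Keyword-driven state machine: forum pastes often lose indentation.
    for words in (line.split() for line in config.splitlines()):
        if not words:
            continue
        if words[0] == "access-list" and len(words) > 1:
            acls.add(words[1])
        elif words[0] in ("group-policy", "tunnel-group") and len(words) > 2:
            kind = {"attributes": "gp", "general-attributes": "tg"}.get(words[2])
            section = (kind, words[1]) if kind else None
            if words[0] == "tunnel-group":
                tunnels.setdefault(words[1], "DfltGrpPolicy")
            elif kind == "gp":
                policies.setdefault(words[1], {})
        elif section and section[0] == "gp" and len(words) > 1 and words[0] == "split-tunnel-policy":
            policies[section[1]]["policy"] = words[1]
        elif section and section[0] == "gp" and len(words) > 2 and words[:2] == ["split-tunnel-network-list", "value"]:
            policies[section[1]]["acl"] = words[2]
        elif section and section[0] == "tg" and len(words) > 1 and words[0] == "default-group-policy":
            tunnels[section[1]] = words[1]
    inherited = policies.get("DfltGrpPolicy", {})  # unset attributes inherit from here
    report = {}
    for tg, gp in tunnels.items():
        attrs = policies.get(gp, {})
        policy = attrs.get("policy") or inherited.get("policy") or "tunnelall"  # ASA default
        acl = attrs.get("acl") or inherited.get("acl")
        issues = []
        if policy != "tunnelall" and acl is None:
            issues.append("no split-tunnel-network-list in this config")
        elif policy != "tunnelall" and acl not in acls:
            issues.append(f"access-list {acl} is not defined in this config")
        report[tg] = {"group_policy": gp, "policy": policy, "acl": acl, "issues": issues}
    return report

if __name__ == "__main__":
    for name, row in audit_split_tunnel(SAMPLE_CONFIG).items():
        print(name, row)
```

Run it against the full running configuration rather than an excerpt, since an access-list missing from a partial paste is reported the same way as one missing from the device.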