Solved

Cisco VPN

Posted on 2004-10-04
4
235 Views
Last Modified: 2010-04-17
I am able to have users VPN into our system but they can not browse the internet once they have VPN'd in.  They can do everything else but they can not access the internet, any ideas?
0
Comment
Question by:gtimmons
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 12219171
What is your VPN endpoint? A PIX? VPN 3000 series concentrator?
What version VPN client?
Either way, the answer lies in "split-tunneling"
VPN 3000 series:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a008015f324.shtml

PIX:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_user_guide_chapter09186a00801aed89.html
0
 

Author Comment

by:gtimmons
ID: 12219488
Pix 515 is our firewall
0
 

Author Comment

by:gtimmons
ID: 12219668
do I put the IP address of the internal network, 172.16.1.1, in for this?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12220103
Yes, use something like this:

access-list split-tunnel permit ip 172.16.1.0 255.255.255.0 <VPN IP subnet> <mask>
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

736 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question