CISCO PIX 515e setup working, want to use the office internet connection when connected via vpn
Hello!
After a lot of issues i finally got the cisco pix vpn to work thanks to you guys.
i have one last issue. how can i make it so that when someone who connects with the cisco vpn client, when he is connected he will use the internet connection from the LAN.
for example, when i connect from the 3g connection and i use cvpn to connect to the local office, i can ping any LAN host with no issue, but when i use the laptop for seeing webpages and stuff, i still use the 3g connection directly. how can i make it so that when i am connected to the pix, im "closed" to that network and all the resources in it, so that when i get on the internet i can use the office internet connection?
thanks a lot
After a lot of issues i finally got the cisco pix vpn to work thanks to you guys.
i have one last issue. how can i make it so that when someone who connects with the cisco vpn client, when he is connected he will use the internet connection from the LAN.
for example, when i connect from the 3g connection and i use cvpn to connect to the local office, i can ping any LAN host with no issue, but when i use the laptop for seeing webpages and stuff, i still use the 3g connection directly. how can i make it so that when i am connected to the pix, im "closed" to that network and all the resources in it, so that when i get on the internet i can use the office internet connection?
thanks a lot
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If its a v6 Firewall remove the lines that LOOK LIKE
access-list splitTunnelAcl permit ip 192.168.0.0 255.255.255.0 any
vpngroup groupname split-tunnel splitTunnelAcl
access-list splitTunnelAcl permit ip 192.168.0.0 255.255.255.0 any
vpngroup groupname split-tunnel splitTunnelAcl
ASKER
Im using 7.2
im gonna remove those lines now and see what happens. thanks a lot
im gonna remove those lines now and see what happens. thanks a lot
ASKER
it worked, i cant use the internet connection from the 3g provider, but the internet doesnt work through the office connection either.
i think im missing something here... :(
i think im missing something here... :(
is the subnet your VPN clients are on allowed out for web access?
ASKER
how can i check that? and where?
ASKER
on the linux router the whole 10.10.0.0/16 network is allowed access, so that shouldnt be the problem. where must i check on the pix?
ASKER
anyone?
im really blocked out here :(
im really blocked out here :(
ASKER
convinced myself you cant do this with cisco vpn client, at least no safely so i will just close it
thanks a lot for the replies
thanks a lot for the replies
if its v7 or 8 remove the two lines that LOOK LIKE
access-list RemoteVPN_splitTunnelAcl standard permit 192.100.1.0 255.255.255.0
split-tunnel-policy tunnelspecified
split-tunnel-network-list value RemoteVPN_splitTunnelAcl