VPN tunneling options - non-split with local LAN access

I was just wondering what peoples take is on setting up a VPN with non-split tunneling, but still allowing local LAN access.

What are the dangers involved in this?

Can someone really use the computer to gain access through the tunnel?
LVL 12
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

surbabu140977Connect With a Mentor Commented:
if there are no split tunnels defined, then nothing major happens, only all of client internet traffic goes through you. That machine loses all it's connection if connected to other networks and try to pass all traffic through you. In simpler words, your vpn device becomes his gateway, which of course you can understand will be wrong.

mindwiseConnect With a Mentor Commented:
Adding to surbabu140977,

From a security perspective "non-split tunneling" is more secure then 'split tunneling'.

The point of concern with split tunneling is that a remote attacker could potentially use the tunnel a user has to the company resources (u-turn attack). That is not the case (or at least less straightforward) without split tunneling.
Which is the concern you mentioned, but that concern only comes into play with 'Split Tunneling'.

ryan80Author Commented:
I am aware of the security risks with split tunneling, but I was really more interested in the security risks of allowing local lan access for the remote user, so they can use network printers.

Any thoughts on this?
All Courses

From novice to tech pro — start learning today.