Solved

VPN Split Tunnel Cisco ASA

Posted on 2013-01-16
4
501 Views
Last Modified: 2013-01-18
I have a production ASA which is configured for client vpn.  The VPN works; however, when initiated I cannot see my local lan or the internet.  I enabled split tunneling through the GUI and was still unable to see my local network.

I have disabled split tunneling and attached a copy of the running config.  It is a bit confusing as there are some unsuccessful VPN attempts still in the config.
config.docx
0
Comment
Question by:dhuff2012
  • 2
4 Comments
 
LVL 18

Expert Comment

by:fgasimzade
ID: 38785966
Add the following to your config

access-list outside_access_in permit ip 10.11.12.0 255.255.255.0 10.1.1.0 255.255.255.224


See if it works. Make sure the firewall on PC behind your PIX is configured to allow ICMP.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 38787302
Cisco ASA - Enable Split Tunnel for IPSEC / SSLVPN / WEBVPN Clients

Add

vpngroup sscadm1n2 split-tunnel RemoteVPN_splitTunnelAcl
access-list RemoteVPN_splitTunnelAcl permit ip 10.1.1.0 255.255.255.224 any


Should do you

Pete
0
 

Author Comment

by:dhuff2012
ID: 38788881
Hi Pete:

I put your commands in but they had to be put in reverse order.  I've attached the current config.  Is this what it should look like?  Also, what can I get rid of?
David
config2.docx
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 500 total points
ID: 38792826
You need to add the access list I suggested to allow traffic from outside to inside
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN from within Azure 2 35
decoding the error message TEI_ASSIGNED 8 78
SSL VPN to Fortigate 100D 2 18
Cisco router external connection issues. 6 30
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question