Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

VPN Split Tunnel Cisco ASA

Posted on 2013-01-16
4
Medium Priority
?
504 Views
Last Modified: 2013-01-18
I have a production ASA which is configured for client vpn.  The VPN works; however, when initiated I cannot see my local lan or the internet.  I enabled split tunneling through the GUI and was still unable to see my local network.

I have disabled split tunneling and attached a copy of the running config.  It is a bit confusing as there are some unsuccessful VPN attempts still in the config.
config.docx
0
Comment
Question by:dhuff2012
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 18

Expert Comment

by:fgasimzade
ID: 38785966
Add the following to your config

access-list outside_access_in permit ip 10.11.12.0 255.255.255.0 10.1.1.0 255.255.255.224


See if it works. Make sure the firewall on PC behind your PIX is configured to allow ICMP.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 38787302
Cisco ASA - Enable Split Tunnel for IPSEC / SSLVPN / WEBVPN Clients

Add

vpngroup sscadm1n2 split-tunnel RemoteVPN_splitTunnelAcl
access-list RemoteVPN_splitTunnelAcl permit ip 10.1.1.0 255.255.255.224 any


Should do you

Pete
0
 

Author Comment

by:dhuff2012
ID: 38788881
Hi Pete:

I put your commands in but they had to be put in reverse order.  I've attached the current config.  Is this what it should look like?  Also, what can I get rid of?
David
config2.docx
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 2000 total points
ID: 38792826
You need to add the access list I suggested to allow traffic from outside to inside
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question