Announcement

Collapse
No announcement yet.

Help with Easy VPN client split tunneling.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help with Easy VPN client split tunneling.

    an someone please help me with my config for Easy VPN Client split tunneling. At the moment when the VPN is up I have NO access to the Internet from any host.

    Here's what I am attempting to do. I want only certain host to route all there traffic thou the tunnel and the remaining host to use the default route.

    I created an object-group and access list with the hosts I want to route thou the VPN :-

    object-group network VNPCLIENTS
    description HOSTS ALLOWED ACCESS TO THE VPN
    host 192.168.3.204
    host 192.168.3.42
    host 192.168.3.44
    host 192.168.3.202
    host 192.168.3.43

    access-list 1 remark Internet access list
    access-list 1 permit 192.168.3.0 0.0.0.255
    access-list 101 remark Hosts allowed access to VPN
    access-list 101 permit ip object-group VNPCLIENTS any
    access-list 111 permit udp any any eq 3074
    access-list 111 permit tcp any any eq 3074
    access-list 111 permit udp any any eq 88


    I Then applied the access list to the Virtual interface of the VPN in both directions:-

    interface Virtual-Template1 type tunnel
    no ip address
    ip access-group 101 in
    ip access-group 101 out
    tunnel mode ipsec ipv4

    Now when I connect to the VPN I have no access from any host to the Internet either thought the tunnel or not.

    I must be doing something very wrong. Much appreciate any help.


    Thanks
Working...
X