Setup split tunnel to allow access to local lan using cisco vpn client

Discussion in 'Cisco' started by Jon L. Miller, Feb 7, 2005.

  1. Need to know how to setup a split-tunnel on a 2621 dsl router to allow a cisco
    vpn client user the abuility to retain their local lan access.
    Also need acl to only allow port 3306 and port 4899
    Would it be something to the order of:
    ! Split-tunnel info
    access-list enochlan permit ip 10.0.0.0 255.0.0.0 192.168.5.0 255.255.255.0
    vpngroup tunnel1 split-tunnel enochlan

    Then do we create extended acls to this tunnel1 and apply the acl group to the
    tunnel1 interface?
     
    Jon L. Miller, Feb 7, 2005
    #1
    1. Advertisements

  2. Jon L. Miller

    Dumbkid Guest

    This is probably what you are looking for:
    http://www.cisco.com/en/US/netsol/n...g_solutions_white_paper09186a008018914d.shtml

    Note split-tunnel config:

    crypto isakmp client configuration group hw-client-groupname
    key hw-client-password
    dns 30.30.30.10 30.30.30.11
    wins 30.30.30.12 30.30.30.13
    domain cisco.com
    pool dynpool
    acl 150

    "acl 150" is the split-tunnel, and "dynpool" is the ip address the client
    will be assigned.
     
    Dumbkid, Feb 7, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.