PIX : provide Internet access to VPN clients without split tunnel

Secure Home | Search | About

Lost Password?

Networking Firewalls

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject	Author	Date
PIX : provide Internet access to VPN clients without split tunnel	free	12-16-2004

Posted by free on December 16, 2004, 1:01 pm

If you were Registered and logged in, you could reply and use other advanced thread options

Hi,

I want to provide Internet access to my VPN users without using split
tunnel. I know that it is not possible to route traffic by the same
interface as the packets come in. So I set up a default route to an another
interface. But...in that case, during ISAKMP negociation, packets are routed
to this default route and VPN client are unable to get answer. How can I set
up in Pix rules that IPSEC packets should be routed to the VPN interface.
I hope the schema below will help to understand my poor english :

Internet ------- Linux router ----- Pix Firewall ----- Internal LAN
|
|
|
Internet (VPN client access)

Thank you in advance for your advices or recommandations.

Similar Threads	Posted
Check Point Remote Access VPN with no split function	February 3, 2005, 3:09 pm
Looking for sites to provide reviews	February 14, 2005, 8:04 pm
split tunneling	May 31, 2005, 4:52 pm
Users can't access the internet	December 6, 2004, 3:33 pm
Spoolsv.exe trying to access the internet	February 1, 2005, 9:28 pm
Internet access problem	December 16, 2006, 3:09 pm
Re: WRT54G No Internet Access	November 24, 2007, 7:44 pm
Re: WRT54G No Internet Access	November 24, 2007, 7:59 pm
Block Internet Access with Win2K NAT or ICS	December 23, 2004, 5:38 am
Checkpoint NG with AI Upgrade - No Internet Access	April 3, 2005, 8:08 am

The site map in XML format XML site map