Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 27 subscribers
  • Views 10836 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Split tunneling exceptions?

svk253

We have a site that users access from our internal network, that restricts access based on the Public IP our clients are coming from. That public IP is what is shown when clients connect while in the office.  The problem is, when they are connecting through the VPN from their home, their public IP shows up, and so that site denies them. They MUST come from our public IP.

Do I have to turn off split tunneling or is there a way to force a site to go through the tunnel? When I do 'what is my ip' from a workstation connected via VPN it gives me the IP of whatever network I'm on (i.e. Comcast or something). 

I hope that makes sense. Thank you for your time.



This thread was automatically locked due to age.
Parents
  • 0

    If you have split tunneling on (on the VPN Client), you have to add the site that they are trying to access.

    If not, traffic will go out their public interface.  This is why the "What is my IP" is their ISP's Address. It is not traversing the VPN.

     

    You could also disable split tunnel, and have all traffic route over the VPN.

  • 0 in reply to Derek Lechner

    Hi Derek,
    What do you mean by add the site? I have added it under the SSL VPN tunnel access section.

    Use as default gateway is 'off' so that means split tunneling is enabled. I could turn it on. But I wanted to know if I could somehow still use split tunneling and force this one site to go out that gateway instead of the local public interface.

  • +1 in reply to svk253

    If it is added to the Permitted Network Resources, it will use the SSL VPN connection to connect.

    If it isn't listed it will use the local public interface.

     

    Turning the default gateway on will send all traffic over the SSL VPN, but that doesn't sound like that's what you want to do.

Reply
  • +1 in reply to svk253

    If it is added to the Permitted Network Resources, it will use the SSL VPN connection to connect.

    If it isn't listed it will use the local public interface.

     

    Turning the default gateway on will send all traffic over the SSL VPN, but that doesn't sound like that's what you want to do.

Children