
L2TP Remote access VPN 'split-tunneling'

Dear Community,

For a client I am trying to get split-tunneling to work on an existing Sophos XG L2TP remote access VPN. I got it working on my test client machine by disabling the 'use gateway on remote network' checkbox and manually adding a route to the company subnets through the VPN gateway address of the Sophos. And this works!

Now, to not have to add a route to all machines manually, I am looking for a better way of doing this.

In the 'Remote network details' section of the L2TP configuration I can specify a 'Remote subnet'. Will this be 'remote' for the client, or remote for the company network?

In other words: if I add the company subnet here, will it route all traffic from the client destined for the company network through the VPN, and all other traffic through its own internet gateway?

If so, that would solve my problem :)

Best regards,

Jelle



This thread was automatically locked due to age.
  • Hello  

    Do not change that unless you know the local network the user is coming from.

    There is no way to achieve what you are trying to do.  This is the inherent problem with L2TP.  Either full tunnel with NO routes to add or split-tunnel and add routes.

    You could try and utilize the Sophos Connect Client.  This works off of IPsec tunneling protocols and provides a few more features that could be useful to you.

    Thanks!

  • Hello KingChris,

    Thank you so much for your quick and clear answer! I think I'm going to advise my client to migrate to the Sophos Connect Client then.

    Thanks again!

    Regards, Jelle
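
The manual client-side steps from the question (split tunnel plus a route per company subnet) can be scripted for rollout. This is an added example, not part of the original thread; it assumes Windows clients using the built-in VPN client, and the connection name and subnets are constructed placeholders.

```powershell
# Assumptions (not from the thread): Windows built-in VPN client,
# a per-user connection with a hypothetical name, constructed subnets.
$ConnectionName = 'Company L2TP'                        # hypothetical name
$CompanySubnets = @('192.168.10.0/24', '10.20.0.0/16')  # constructed values

# Fail early if the connection profile does not exist on this machine.
$vpn = Get-VpnConnection -Name $ConnectionName -ErrorAction Stop

# Same effect as clearing 'Use default gateway on remote network':
# only routed prefixes go through the tunnel, everything else leaves
# via the client's own gateway and is not inspected by the firewall.
if (-not $vpn.SplitTunneling) {
    Set-VpnConnection -Name $ConnectionName -SplitTunneling $true
}

# Add only the routes that are missing, so the script can be re-run
# (for example from a logon script) without errors or duplicates.
$existing = @($vpn.Routes | ForEach-Object { $_.DestinationPrefix })
foreach ($prefix in $CompanySubnets) {
    if ($existing -notcontains $prefix) {
        Add-VpnConnectionRoute -ConnectionName $ConnectionName `
                               -DestinationPrefix $prefix
    }
}

# Show the resulting profile so the change can be verified.
Get-VpnConnection -Name $ConnectionName |
    Select-Object Name, SplitTunneling,
        @{ Name = 'Routes'; Expression = { $_.Routes.DestinationPrefix -join ', ' } }
```

Routes added this way are stored in the connection profile and applied each time the tunnel connects. Add `-AllUserConnection` to each cmdlet if the profile was created for all users.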