This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Split Tunnel in IPSec

stenorman2001 over 13 years ago

I was wondering if someone could give me the way to configure IPSec so that it doesn't enable split tunnelling (a security requirement of ours). Is there a way to configure IPSec in ASG to direct ALL traffic from a client to the ASG?

Many thanks for a great product!

This thread was automatically locked due to age.

0 BAlfson over 13 years ago

Hi, Stephen, and welcome to the User BB!

The IPsec, Cisco and SSL Remote Access methods can be configured for "full" tunnel. Either use "All" in 'Local networks' or use your internal networks and the 'Internet' object.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 stenorman2001 over 13 years ago

Hi Bob,

Thanks. I configured that on both the client (Viscosity) for SSL VPN, but clients that connect then can't access the Internet unless the SSL VPN network group is added to the Web Filtering proxy and the proxy is on. This might be due to our network configuration though.

If SSL VPN is configured to send all traffic to the ASG, is there a process that should be followed to enable the VPN traffic to then go back out onto the Internet. We can use split tunnelling, but as a security requirement we need to route all traffic via the ASG when a user is connected to a VPN, but we want them to also be able to access the Internet (through the ASG). Whilst we are happy to perform the web filtering on HTTP traffic, we would prefer to avoid filtering HTTPS traffic at this time.

Cheers,

Stephen
Cancel
Vote Up 0 Vote Down

Cancel