VPN and Local LAN

[Guest_imported]

We have a remote site which establishes a VPN connection to a Pix 515 and the corporate LAN. Everything works fine as far as the VPN connection is concerned, however while the remote user is connected to the corporate LAN he is unable to access other machines on his own remote LAN.
He is using Cisco VPN Client 3.5. The user sits behind a cable router which is connected to the internet.
What do I need to do to enable the remote user to be able to talk to machines on his own network while connected to the Pix?
Many thanks for any clues.
Rob

 

[sunyasee]

Sounds to me like you need to configure 'split tunneling' on the pix. This will enable you to connect to the remote site and still access resources on the local network at the same time. Here's an example from a config I did...

access-list no_nat permit ip 129.1.0.0 255.255.0.0 192.168.2.0 255.255.255.0

ip local pool remote 192.168.2.1-192.168.2.10

vpngroup remote split-tunnel no_nat

So as you see you apply the split tunnel command to the no-nat access list that allows your vpnclient ips access to your internal network ips.

Hope this helps