stooo,
Can you post your PIX model, IOS version and VPN Client version.
From what I know, pre IOS v6.3(2), you cannot provide internet access to a VPN Client unless you use a PROXY within the network the VPN Client comes into. The PROXY will "request" the webpage and "foward" it to the VPN Client. In this manner the VPN Client never uses it's own connection to access the internet.
Is this available in later, post IOS v6.3(2), I'm not sure, maybe someone can shed some light on this.
We tried to do the same thing only site-to-site VPN. Cisco said it can't be done cuz traffic is basically coming in (via the tunnel) and going out (to the internet) on the same interface.
Your 515 should have a slot for a third interface. Or you proxy as ermora said, since traffic passes all the way through the PIX to a device inside, then goes back through it again.
If I remember correctly there is a feature called "Split tunneling" that can be enabled to allow access to both the VPN tunnel and the internet at the same time. I will look into it and let you know.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.