Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN users can no longer access Internet

Status
Not open for further replies.
sgamer

sgamer

Vendor
Jan 4, 2002
15
US
Note: This isn't a PIX question but I hope someone can answer it. Thanks in advance.

I installed a VPN Concentrator 3005 at a customer site and set it to tunnel everything. Internet access is provided via a separate PIX. For some reason I can't figure out, Internet access for the VPN users isn't working anymore.

The PIX and 3005 are installed parallel to each other. There is an internal router and, of course, an external router connected to the ISP. I have the 3005 default gateway set to the external router and the tunnel default gateway set to the internal router.

It has something to do with routing because it works when I add a static route to something on the Internet with the next hop being the internal router. It looks like I can only get to destinations that have a static route.

I'm missing something and would appreciate if someone could point out what that something is. Thanks.
 
Sort by date Sort by votes
HI.

This problem is related to the "split tunnel" option.
The VPN server sends routing information about the network to the VPN client, so the client will be able to decide which traffic should be sent via the VPN tunnel, and which traffic should be sent to the "normal" default gateway of the client.

You can get some info when you double click the yellow icon of the client to see which networks are "on the other side of the VPN tunnel". It should be only internal networks behind the VPN server, and should NOT be something like 0.0.0.0

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
Thanks for the response. Actually, I'm not using Split-Tunneling and do not want to. The client wants to tunnel everything and provide Internet access through his network.

I was able to fix the problem though. I rebooted it and everything is fine now. Go figure!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
355
Shmid
Shmid
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
286
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
124
gkittelson
gkittelson
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
87
WhosYourDiffie
WhosYourDiffie
Garbear
  • Locked
  • Question
TZ190 VPN Connection works but can't ping some IP's on either side
Replies
0
Views
65
Garbear
Garbear

Part and Inventory Search

Sponsor

Back
Top