• August 17, 2019, 09:41:04 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: problems with a vpn client (split tunnel) and BO  (Read 4233 times)

0 Members and 1 Guest are viewing this topic.

Offline Yuri

  • Rookie
  • **
  • Posts: 2
problems with a vpn client (split tunnel) and BO
« on: August 11, 2009, 08:10:41 PM »
Hi Mike, now I'm here at the forum, this is my issues:
I have a connection with a Contivity VPN client to a contivity 1010 and the connection works fine. I get an IP and I can acess the LAN with no problems.
The problme is that when I'm connected to the contivity 1010 using the client, I do not have Internet connection ( I suppose that I should navigate trough my own internet connection).

Also I have a branch office connection between the 1010 and a BSR222, adn I can acces the network on the BSR . The 1010 is the responder and the BSR the initiator.

1010 LAN  is 192.168.1.0/255.255.255.0
BSR LAN is 192.168.2.0/255.255.255.0

When I connected with the contivity client I cannot ping any IP on the BSR,

Any suggestions


Thanks


Yuri


Offline Michael McNamara

  • Administrator
  • Hero Member
  • *****
  • Posts: 3840
    • michaelfmcnamara
    • Michael McNamara
Re: problems with a vpn client (split tunnel) and BO
« Reply #1 on: August 12, 2009, 06:11:22 PM »
Hi Yuri,

Assuming you have admin access to the 1010 VPN Router you'll need to make a few changes.

1) You'll need to define/create a Network that includes all the IP networks you'd like to route across the IPSec VPN connection. You should include all the IP networks of the main office. In the attachment I've created a "LocalNetworks" adding 192.168.1.0/255.255.255.0, the IP network of my main office for this example. You can add a network by selecting Profiles -> Networks from the web interface.

2) You'll need to enable Split Tunneling on the Group Profile you're using for the VPN clients.  You can find the different group profiles from the web interface by selecting Profiles - Groups. In the attachment I've created a group profile called VPNClients under /Base, hence /Base/VPNClients is the group. You need to edit the IPSec properties under the group and enable Split Tunneling. You then need to select the network you created in the first step as the Split Tunnel Networks.

That should be all you need to-do since you had previously made successful connections.

Good Luck!
We've been helping network engineers, system administrators and technology professionals since June 2009.
If you've found this site useful or helpful, please help me spread the word. Link to us in your blog or homepage - Thanks!

Offline Yuri

  • Rookie
  • **
  • Posts: 2
Re: problems with a vpn client (split tunnel) and BO
« Reply #2 on: August 13, 2009, 11:47:53 AM »
Thank you. I'll try it