From: Rik Guyler (rik@guyler.net)
Date: Mon Feb 16 2004 - 16:11:18 GMT-3
Split tunnel is not so much enabled by default on a site-to-site VPN but
more that you specifically define what does get tunneled so you don't
really need to define a split-tunnel ACL. What ever traffic matches
your match address ACL gets tunneled and everything else takes the
normal path out.
You would typically only need to define a split-tunnel ACL for remote
clients coming in dynamically.
Rik
-----Original Message-----
From: Ed bajes [mailto:ccie10374@yahoo.com]
Sent: Monday, February 16, 2004 1:56 PM
To: ccielab@groupstudy.com
Subject: PIX split tunnel
to my understanding, split tunnel is enabled by
default in a site-to-site VPN setup, how do I disable
it? is there a command or an indirect way of disabling
it?
I'm using a 6.3.1 PIX 506E firewall.
Thanks,
ED
__________________________________
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online.
http://taxes.yahoo.com/filing.html
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:50 GMT-3