jump to navigation

VPN Split Tunneling January 14, 2010

Posted by Dimenxion in Internet, Karutan.
trackback

lega aku dapat resolve 1 vpn problem
user nak connect kat umah, nak guna vpn dan jugak internet
by default, remote default route akan diinject dalam routing table pc
jadi semua traffic akan lalu VPN
sama ada connection slow, ataupun internet takleh masuk.
guna split tunnel
jahil sungguh aku. hahaha

specify acl utk allow only specific traffic masuk ke vpn

colo#conf t
Enter configuration commands, one per line. End with CNTL/Z.
colo(config)#ip access-list ext 101
colo(config-ext-nacl)#permit ip 192.168.0.0 0.0.255.255 192.168.200.0 0.0.0.255
colo(config-ext-nacl)#permit ip 192.168.200.0 0.0.0.255 192.168.0.0 0.0.255.255
colo(config-ext-nacl)#exit

pastu masukkan acl dalam vpn config

colo(config)#crypto isakmp client configuration group staff-vpn
colo(config-isakmp-group)#acl 101
colo(config-isakmp-group)#^Z

akan jadi camni

colo#sh access-list 101
Extended IP access list 101
10 permit ip 192.168.0.0 0.0.255.255 192.168.200.0 0.0.0.255
20 permit ip 192.168.200.0 0.0.0.255 192.168.0.0 0.0.255.255

crypto isakmp client configuration group staff-vpn
key password
dns 192.168.1.15 192.168.1.12
domain acso2k.local
pool REMOTE_POOL
acl 101

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: