Need to know how to setup a split-tunnel on a 2621 dsl router to allow a cisco vpn client user the abuility to retain their local lan access. Also need acl to only allow port 3306 and port 4899 Would it be something to the order of: ! Split-tunnel info access-list enochlan permit ip 10.0.0.0 255.0.0.0 192.168.5.0 255.255.255.0 vpngroup tunnel1 split-tunnel enochlan
Then do we create extended acls to this tunnel1 and apply the acl group to the tunnel1 interface?
This is probably what you are looking for:
crypto isakmp client configuration group hw-client-groupname key hw-client-password dns 30.30.30.10 30.30.30.11 wins 30.30.30.12 30.30.30.13 domain cisco.com pool dynpool acl 150
"acl 150" is the split-tunnel, and "dynpool" is the ip address the client will be assigned.
255.255.255.0Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.