Help with Split-Tunnel ACL

Gang, we have clients set up on a VPN, terminated with a PIX 515. Right now, I am not split tunneling.

Is it possible that I set up an ACL to allow a split tunnel for ONLY a few IP addresses? For example...

I would like my users to hit our external web server without going through the vpn,

formatting link
but still have to go through our vpn for
formatting link

I tried something like...

access-list split permit ip any myexternaldomain.com
vpngroup roadhog split-tunnel split

That didn't work, and after reading the docs closer, it sounded like the split ACL only tells the tunnel what to encrypt.

Thanks for your help

Kilgore

Reply to
troute_kilgore

Anyone? Is this even possible? I've tried with deny lists etc., and no resolve.

Reply to
troute_kilgore
