We have a PIX 515 where users connect via VPN Client to access the LAN in our home office. It works just fine. We (Admins) have never wanted to let users have access to their local LAN while connected to the home office. We were able to convince management this was the right way to do things....until now.
It seems users need to access their local LAN while connected via VPN Client and according to new management it is HIGH PRIORITY. FIX IT!
It's not broke we say...whatever, we lost.
I have tried these changes:
access-list vpnlist permit ip 10.1.1.0 255.255.255.0 any
vpngroup vpn3000 split-tunnel vpnlist
Where 10.1.1.x is the LAN at my house.
I successfully connect to the PIX with VPN Client and have access to my local LAN but no access to office LAN.
What am I doing wrong?
More info:
The PIX hands out to VPN Clients IPs that are on the same network as the home office network. Does this complicate matters?
Thanks,
P.