The new version 3.5 of Cisco VPN Client allows local LAN browsing access with split tunneling. I know there is a big debate over sending all of your traffic over the VPN just to get to a website that's up the street. We have multiple PIX firewalls in failover configuration at our head office and that is certainly more secure esp. if the client does not have any firewall protection whatsover. The new client 3.5 and concentrator IOS 3.4 is supposed to add the firewall option/mandatory to the client. I'll be testing it this month.
-Jake -----Original Message----- From: Nat Heidler [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 29, 2001 3:46 PM To: '[EMAIL PROTECTED]' Cc: Gibb, Jake Subject: RE: VPN back door I recently installed a VPN at work (city goverment). You would be much better off disabling split-tunneling at the concentrator level rather than trying to push it out to each client. That will stop your back doors. And yes, it even cuts out all connections on a local network. I have 4 machines in a workgroup at home, with a shared music drive. When I VPN into work, that share are no longer available to other clients. Nat Somewhere in Kansas, USA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27736&t=27736 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]