SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Split tunnelling in remote access vpn.

    Posted 01-30-2019 03:45

    Hi to all,

     

    I have configured a remote access VPN with NCP client on a SRX345. It's working fine, from the remote client I can access the internal network through VPN access, but all the traffic is being encrypted ... Is there any way to make a tunnel divided ?

     

    I mean, Internet traffic goes directly from the client to anywhere and only traffic to internal networks is encrypted.

     

    Thanks in advance!!

    David.


    #JUNOS
    #srx345
    #remote
    #Access


  • 2.  RE: Split tunnelling in remote access vpn.
    Best Answer

     
    Posted 01-30-2019 04:25

    Hi David,

     

    Split tunnelling is controlled by the NCP profile and Traffic Selectors on the SRX.

    Though I couldnt find any SRX specific doc, screenshots at https://kb.juniper.net/InfoCenter/index?page=content&id=KB17364

     

    The screenshots are probably from an older version of NCP, but should provide an idea on how to get it done.



  • 3.  RE: Split tunnelling in remote access vpn.

    Posted 01-30-2019 04:42

    Hi Gokul,

     

    Thanks for the information... I've tested and works properly... But, Is there any way to force the split tunneling from the SRX configuration??? 

     

    Thanks in advance!!

    David

     



  • 4.  RE: Split tunnelling in remote access vpn.

     
    Posted 01-30-2019 06:26

    You are Welcome!

     

    I don't think it can be done with NCP. You may be able to do it with Pulse though (https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-dynamic-vpns-with-pulse-secure-clients.html)



  • 5.  RE: Split tunnelling in remote access vpn.

     
    Posted 01-31-2019 04:45

    Hi David,

     

    Just in case your primary query is answered, please mark this thread as resolved.

    It might help others with a similar query.