SRX Services Gateway
SRX Services Gateway

Split tunnelling in remote access vpn.

‎01-30-2019 03:44 AM

Hi to all,

 

I have configured a remote access VPN with NCP client on a SRX345. It's working fine, from the remote client I can access the internal network through VPN access, but all the traffic is being encrypted ... Is there any way to make a tunnel divided ?

 

I mean, Internet traffic goes directly from the client to anywhere and only traffic to internal networks is encrypted.

 

Thanks in advance!!

David.

4 REPLIES 4
Highlighted
SRX Services Gateway
Solution
Accepted by topic author dBabi
‎02-01-2019 02:46 AM

Re: Split tunnelling in remote access vpn.

‎01-30-2019 04:24 AM

Hi David,

 

Split tunnelling is controlled by the NCP profile and Traffic Selectors on the SRX.

Though I couldnt find any SRX specific doc, screenshots at https://kb.juniper.net/InfoCenter/index?page=content&id=KB17364

 

The screenshots are probably from an older version of NCP, but should provide an idea on how to get it done.

Regards,
Gokul
SRX Services Gateway

Re: Split tunnelling in remote access vpn.

‎01-30-2019 04:41 AM

Hi Gokul,

 

Thanks for the information... I've tested and works properly... But, Is there any way to force the split tunneling from the SRX configuration??? 

 

Thanks in advance!!

David

 

SRX Services Gateway

Re: Split tunnelling in remote access vpn.

‎01-30-2019 06:26 AM

You are Welcome!

 

I don't think it can be done with NCP. You may be able to do it with Pulse though (https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-dynamic-vpns-with-pulse-...)

Regards,
Gokul
SRX Services Gateway

Re: Split tunnelling in remote access vpn.

‎01-31-2019 04:45 AM

Hi David,

 

Just in case your primary query is answered, please mark this thread as resolved.

It might help others with a similar query.

 

 

 

Regards,
Gokul