[plug] vpn breaks home network

Adrian Chadd adrian at creative.net.au
Wed Dec 12 10:34:23 WST 2007

On Wed, Dec 12, 2007, Jon L. Miller wrote:
> What it appears that Rob needs to do to fix this is to have split
> tunneling enable so it can send access to the local lan, but this has to
> be done from the VPN server (main router).  He also needs to enable access
> to local lan on his vpn client.
> I've run into this several times in the past when we ran a large vpn network.

It doesn't specifically have to be done from the VPN server. Its just
how the software controlling the VPN at the client side gets its

IPSEC is weird. Its sometimes used as a tunnel (ie, you have an interface
which acts just like any other), sometimes it uses security policy with
or without the tunnel (ie, it uses rules to say "match on X, Y; send
to IPSEC peer X".) Thats part of the security association setup with

(I hate IPSEC in the SA mode; I much prefer it in tunnels. The world
doesn't agree however.)


More information about the plug mailing list