Download Print this page

Defining Network Connect Split Tunneling Policies (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual

Configuring secure access devices guide

Hide thumbs Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01:

Manual (444 pages)

,

Administration manual (1026 pages)

,

Installation manual (244 pages)

Table of Contents

Advertisement

Defining Network Connect Split Tunneling Policies (NSM Procedure)

Table 39: Configuring Network Connect Split Tunneling Policy Details

Options

Resources

Copyright © 2010, Juniper Networks, Inc.

Network Connect (NC) split tunneling policies specify one or more network IP

address/netmask combinations for which the device handles traffic passed between

the remote client and the corporate intranet. You can also specify traffic that should not

pass through the NC tunnel.

When split-tunneling is used, NC modifies routes on clients so that traffic meant for the

corporate intranet networks to NC and all other traffic goes through the local physical

adapter. The IVE tries to resolve all DNS requests through the physical adapter first and

then routes those that fail to the NC adapter.

For example,

If split tunneling is disabled and the exclude route contains 10.204.50.0/24, then all

traffic except 10.204.50.0 networks will go through NC.

If split tunneling is enabled and the included route contains 10.204.64.0/18 and the

exclude traffic contains 10.204.68.0/24, networks from 10.204.64.0/18 to

10.204.127.0/18 will pass through the NC tunnel. The 10.204.68.0/24 network will not

pass through the NC tunnel.

If split tunneling is enabled and the include route contains 10.204.64.0/24 (subnet of

the excluded route), and the exclude route contains 10.204.64.0/18 (super set of the

included route), then the included network's traffic will still be routed through the NC

tunnel.

To write an NC split-tunneling networks resource policy:

In the navigation tree, select Device Manager > Devices. Click the Device Tree tab,

1.

and then double-click the Secure Access device for which you want to write an NC

split-tunneling networks resource policy.

Click the Configuration tab. Select Users > Resource Policies > Network Connect >

2.

Split-tunneling Networks.

Click New Profile, and then enter the name and the description for the policy.

3.

Add or modify more settings as specified in Table 39 on page 159.

4.

Click one:

5.

OK—Saves the changes.

Cancel—Cancels the modifications.

Your Action

Enter the new resource name for the split tunnel resource policy.

Chapter 10: Configuring Secure Access Resource Policies

159

Table of Contents

Advertisement

Chapters

Table of Contents

Need help?

Need help?

Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 and is the answer not in the manual?

Questions and answers

Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01

This manual is also suitable for:

Network and security manager