Re: Do you allow your vpn clients to do split tunneling?

[Timothy Fairlie <fairlie () RIDER EDU>]

Like Julian, we don't allow split-tunneling, except for a few
system/network admin folks

On 5/10/2010 9:49 AM, Julian Y. Koh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> At 9:22 AM -0400 5/10/10, John L. Isenhour wrote:
>
> > We set up a citrix vpn service and I became aware that we're allowing
> > split tunneling.  This is verboten most places I've been, but some of the
> > network staff have voiced that it might be a preferred way to go.
> Our traditional VPN service (PPTP, L2TP/IPSec, and Cisco IPSec VPN Client)
> does not use split tunneling.  When we originally rolled out the service,
> we tried to use split tunneling, but since it was desired that the VPN be
> used to access things like library licensed materials that were IP
> restricted, the split tunnel list quickly became unmanageable, so we turned
> off split tunneling and tunneled all traffic.
>
> A few years back, we rolled out SSL VPN services with a layer 3 tunneling
> client available.  That service is targeted at sysadmins,
> vendors/consultants, and users of sensitive systems, so we are usuing split
> tunneling there.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: 9.9.1.287
>
> wj8DBQFL6A7LDlQHnMkeAWMRArwMAJ0dz3eG6u72MvlgDJRU6c8kks3rTQCghJmZ
> fo3+SZ6HBIgkcHrhN2ydFh4=
> =/McV
> -----END PGP SIGNATURE-----

--
Timothy J. Fairlie
Director, Network and Communication Services
Rider University      Fairlie () rider edu