Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: VPN service -- Quick Poll (split tunneling?)

From: Jeff Kell <jeff-kell () UTC EDU>
Date: Fri, 9 Mar 2012 15:41:09 -0500
Caveat1:  we don't have "general access" VPN for just anyone with an AD login or other
generic campus credentials, so we may have more knowledgeable (than usual) users.

Caveat2:  our campus is on private addresses, so there is less ambiguity in the
split-/full-tunnel cases. 

We used to do exclusively split-tunnel operation to conserve on bandwidth, the campus
was exceedingly constrained early on.

Our new VPN (about to enter production) provides the user with both split- and
full-tunnel profiles with the caveat that full-tunnel is our recommendation for any open
/ unencrypted WiFi environment.

Jeff

On 3/9/2012 3:25 PM, Kris Monroe wrote:

For those that have answered yes, would you mind outlining whether you
allow split tunneling or not? I would also appreciate your rationale one
way or the other.

I've always been taught that split tunneling is a really bad idea, but
this topic has recently come up in our remote access project.
Previous By Date Next
Previous By Thread Next

Current thread: