cancel
Showing results for 
Search instead for 
Did you mean: 

VPN BIG-IP Edge client : traffic over VPN tunnel with full or split tunneling

lisa_d
Nimbostratus
Nimbostratus

We have established a VPN connection between a Windows client and a BIGIP v15.

We are using BIGIP Edge client, with network access.

 

Full tunneling

We do not really understand what kind of traffic is allowed or disallowed over the VPN tunnel.

According to this document : https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-network-access-13-0-0/2.htm...

with full tunneling "all traffic (including traffic to or from the local subnet) is forced over the VPN tunnel."

How traffic to local subnet can be forced over the VPN tunnel ?

Does full tunneling ensure that the resource is not leaking traffic to the client's LAN ?

 

Split tunneling

In order to use split tunneling, we have to fill the field "IPV4 LAN Address Space", to specify a list of addresses. Only the traffic to these addresses goes through the tunnel configured for Network Access, all other traffic bypasses the tunnel.

As this field is mandatory, what is the purpose of the field "Exclude Address Space" (not mandatory) ?

What is the purpose of the feature "split by DNS" ? How to know if it is better to use "split by DNS" instead of "split by IP" ?

1 REPLY 1

lisa_d
Nimbostratus
Nimbostratus

Should I develop my questions ?