Wireless Access

I am using VIA on Win 7, iOS, OS X and Android platforms (all in the same environment) and would like some clarification on VIA's split tunneling capability/configuration, specifically:

1) Other than defining the Tunneled Networks under the VIA config profile, and checking "Enable Split Tunneling" under the same profile, is there anything else required for enabling split-tunneling specifically for VIA users?

2) The latest VIA notes I can find state the Mac OS X 1.x client is not compatible with split tunneling.  In a mixed-device environment can I utilize one VIA config profile (with ST enabled) and still support OS X clients, or do they need their own config profile?

3) Despite defining tunneled networks and enabling split tunneling under the VIA config profile, split tunneling does not appear to be working for me under Win 7 (VIA 2.1.1.0.35555).  As indicated in #1 are there any additional steps necessary to turn this on?

I have VIA working in general and can access internal networks, however the split tunneling feature specifically does not work under Win 7 (but works under Android), and there does not appears to be much guidance in the App Notes or User Guide on configurations/compatibility for this functionality.  Please advise, thanks!

---

@JGilmore wrote:

I am using VIA on Win 7, iOS, OS X and Android platforms (all in the same environment) and would like some clarification on VIA's split tunneling capability/configuration, specifically:

 

1) Other than defining the Tunneled Networks under the VIA config profile, and checking "Enable Split Tunneling" under the same profile, is there anything else required for enabling split-tunneling specifically for VIA users?

 

2) The latest VIA notes I can find state the Mac OS X 1.x client is not compatible with split tunneling.  In a mixed-device environment can I utilize one VIA config profile (with ST enabled) and still support OS X clients, or do they need their own config profile?

 

3) Despite defining tunneled networks and enabling split tunneling under the VIA config profile, split tunneling does not appear to be working for me under Win 7 (VIA 2.1.1.0.35555).  As indicated in #1 are there any additional steps necessary to turn this on?

 

I have VIA working in general and can access internal networks, however the split tunneling feature specifically does not work under Win 7 (but works under Android), and there does not appears to be much guidance in the App Notes or User Guide on configurations/compatibility for this functionality.  Please advise, thanks!

 

 

 

 

 

---

1.  Nothing else required.

2.  Still Support OSX clients

3.  Nothing else should be required.

Please enable user debugging to see what profiles you receive...  Did you check out the VIA VRD here:  http://www.arubanetworks.com/wp-content/uploads/VIAAppNote_2012-06-11.pdf

As cited the step 1 should be enough for split tunnelling to be working.

VIA forwards all DNS traffic to controller even though the traffic is destined to internet, so controller has to be configured with proper DNS IP.

Check your routing tables entries and make sure VIA is altering the routing table properly.

The routing table is being altered to included the one tunneled network block I specified, and name resolution to the DNS servers I entered under VPN Services > Primary/Secondary DNS is working properly and consistently.

Access to internal corporate resources works properly  over VIA (including access by server name), however Internet site access does not work under Win 7.  Both are working fine however on Android, both platforms are receiving the same "default-via-role" on authentication.

I've tested VIA on two different Win 7 PCs with different software/ antivirus/firewall/etc settings and both exibit the same behavior - corporate access works, Internet sites stop working.

What other aspects impact VIA split tunneling beyond the 'enable split tunneling' checkbox and ensuring DNS resolution is working?

Colin, I have a customer that wants to set up "reverse split tunneling"

Can you point me in the right direction

Led

I honestly don't know what that is.

this is what the customer sent me when I ask the same thing

Reverse Split Tunnel

NetScaler Gateway also supports reverse split tunneling, which defines the network traffic that NetScaler Gateway does not intercept.  If you set split tunneling to reverse, intranet applications define the network traffic that NetScaler Gateway does not intercept. When you enable reverse split tunneling, all network traffic directed to internal IP addresses bypasses the VPN tunnel, while other traffic goes through NetScaler Gateway. Reverse split tunneling can be used to log all non-local LAN traffic. For example, if users have a home wireless network and are logged on with the NetScaler Gateway Plug-in, NetScaler Gateway does not intercept network traffic destined to a printer or another device within the wireless network.

That feature is not supported on the VIA client.