Wireless Access

Reply
Occasional Contributor II

VIA and Split Tunneling

I am using VIA on Win 7, iOS, OS X and Android platforms (all in the same environment) and would like some clarification on VIA's split tunneling capability/configuration, specifically:

 

1) Other than defining the Tunneled Networks under the VIA config profile, and checking "Enable Split Tunneling" under the same profile, is there anything else required for enabling split-tunneling specifically for VIA users?

 

2) The latest VIA notes I can find state the Mac OS X 1.x client is not compatible with split tunneling.  In a mixed-device environment can I utilize one VIA config profile (with ST enabled) and still support OS X clients, or do they need their own config profile?

 

3) Despite defining tunneled networks and enabling split tunneling under the VIA config profile, split tunneling does not appear to be working for me under Win 7 (VIA 2.1.1.0.35555).  As indicated in #1 are there any additional steps necessary to turn this on?

 

I have VIA working in general and can access internal networks, however the split tunneling feature specifically does not work under Win 7 (but works under Android), and there does not appears to be much guidance in the App Notes or User Guide on configurations/compatibility for this functionality.  Please advise, thanks!

 

 

 

 

 

Guru Elite

Re: VIA and Split Tunneling


JGilmore wrote:

I am using VIA on Win 7, iOS, OS X and Android platforms (all in the same environment) and would like some clarification on VIA's split tunneling capability/configuration, specifically:

 

1) Other than defining the Tunneled Networks under the VIA config profile, and checking "Enable Split Tunneling" under the same profile, is there anything else required for enabling split-tunneling specifically for VIA users?

 

2) The latest VIA notes I can find state the Mac OS X 1.x client is not compatible with split tunneling.  In a mixed-device environment can I utilize one VIA config profile (with ST enabled) and still support OS X clients, or do they need their own config profile?

 

3) Despite defining tunneled networks and enabling split tunneling under the VIA config profile, split tunneling does not appear to be working for me under Win 7 (VIA 2.1.1.0.35555).  As indicated in #1 are there any additional steps necessary to turn this on?

 

I have VIA working in general and can access internal networks, however the split tunneling feature specifically does not work under Win 7 (but works under Android), and there does not appears to be much guidance in the App Notes or User Guide on configurations/compatibility for this functionality.  Please advise, thanks!

 

 

 

 

 


1.  Nothing else required.

2.  Still Support OSX clients

3.  Nothing else should be required.

 

Please enable user debugging to see what profiles you receive...  Did you check out the VIA VRD here:  http://www.arubanetworks.com/wp-content/uploads/VIAAppNote_2012-06-11.pdf

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Employee

Re: VIA and Split Tunneling

As cited the step 1 should be enough for split tunnelling to be working.

 

VIA forwards all DNS traffic to controller even though the traffic is destined to internet, so controller has to be configured with proper DNS IP.

 

Check your routing tables entries and make sure VIA is altering the routing table properly.

Occasional Contributor II

Re: VIA and Split Tunneling

The routing table is being altered to included the one tunneled network block I specified, and name resolution to the DNS servers I entered under VPN Services > Primary/Secondary DNS is working properly and consistently.

 

Access to internal corporate resources works properly  over VIA (including access by server name), however Internet site access does not work under Win 7.  Both are working fine however on Android, both platforms are receiving the same "default-via-role" on authentication.

 

I've tested VIA on two different Win 7 PCs with different software/ antivirus/firewall/etc settings and both exibit the same behavior - corporate access works, Internet sites stop working.

 

 

What other aspects impact VIA split tunneling beyond the 'enable split tunneling' checkbox and ensuring DNS resolution is working?

Aruba Employee

Re: VIA and Split Tunneling

Colin, I have a customer that wants to set up "reverse split tunneling"

Can you point me in the right direction

 

Led

Guru Elite

Re: VIA and Split Tunneling

I honestly don't know what that is.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Employee

Re: VIA and Split Tunneling

this is what the customer sent me when I ask the same thing

 

Reverse Split Tunnel

NetScaler Gateway also supports reverse split tunneling, which defines the network traffic that NetScaler Gateway does not intercept.  If you set split tunneling to reverse, intranet applications define the network traffic that NetScaler Gateway does not intercept. When you enable reverse split tunneling, all network traffic directed to internal IP addresses bypasses the VPN tunnel, while other traffic goes through NetScaler Gateway. Reverse split tunneling can be used to log all non-local LAN traffic. For example, if users have a home wireless network and are logged on with the NetScaler Gateway Plug-in, NetScaler Gateway does not intercept network traffic destined to a printer or another device within the wireless network.

Highlighted
Guru Elite

Re: VIA and Split Tunneling

That feature is not supported on the VIA client.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: