From: simon@not-here.com   
      
   hals left wrote:   
   > Hi, I have remote users (Windows 2K/XP) that connect to ISA/Win2K3   
   > Server using Windows Client VPN. How can I allow them access to   
   > Email/Internet while connected to teh VPN?   
   > Is there some setting in the VPN Client or there Router to allow this ?   
   >   
   > All the VPN I have seen have this same problem and I have been told its   
   > a security risk to allow Internet/Email while a VPNis up, is this true   
   > ?   
   >   
   > Thanks.   
   >   
   Hi,   
   Yes it's a security risk if the remote computer becomes compromised, as   
   the internet connection going out locally could allow a back door into   
   your network when the client vpn is connected. However with the ms   
   client you can open up split routing to do what you need, in the tcpip   
   properties of the remote PCs connection to you under advanced untick the   
   'use default gateway on remote network' then only traffic destined for   
   the subnet that the client vpn address gets goes down the tunnel, all   
   else goes out locally. If there is more than one subnet at your location   
   the remote clients would need to use the route add command to add the   
   additional routes needed.   
   simon   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)