VPN, Configuration for local LAN access

When connected to the VPN with Tunnel All, by default all traffic is sent to the campus VPN server, even for the IP space on the locally connected network. If you need to use Tunnel All and also connect to local resources like servers or printers, then you need to enable local LAN access.
The campus VPN server is configured so that if you need to use Tunnel All you can still access your local resources at home like servers and printers. In order to do this you have to check the box marked "Allow local (LAN) access when using VPN (if allowed)".  This check box is available in the settings or preferences panel. Please note that this setting does nothing if you connect with Split Tunnel.

On a Mac client, click the gear icon to bring up the Preference page:

 Mac preferences button

 and the graph icon to bring up the Statistics and Route Details page:

Mac stats button


On a Windows client, click the gear icon to get to Preferences, Statistics, and Route Details page.


Windows gear icon


LAN setting checkedwindows prefernce screen with allow local (LAN) checked

When the "Allow local (LAN)" setting is checked, the VPN IPv4 Tunnel mode will be reported as "Spilt Exclude" on the Statistics report, and your local subnets will be shown as "not secure" in the route details.

Stats window showing split exclude

shows that the route details include local IP range


When the "Allow local (LAN)" box is not checked the IPv4 Tunnel mode will be reported as Tunnel All on the statistics page, and there will be no networks listed as "non secure" on the Route details page.

shows allow local LAN setting not checked

shows Tunnel All in mode on stats page



shows no unsecure routes on route details page



KeywordsVPN LAN printing printer local server tunnel all access use   Doc ID81643
OwnerNetwork E.GroupUniversity of Illinois Technology Services
Created2018-04-17 21:34:08Updated2021-08-13 08:46:37
SitesUniversity of Illinois Technology Services
Feedback  10   4