VPN, Configuration for local LAN access

When connected to the VPN with Tunnel All, by default all traffic is sent to the campus VPN server, even for the IP space on the locally connected network. If you need to use Tunnel All and also connect to local resources like servers or printers, then you need to enable local LAN access.

The campus VPN server is configured so that if you need to use Tunnel All you can still access your local resources at home like servers and printers. In order to do this you have to check the box marked "Allow local (LAN) access when using VPN (if allowed)".  This check box is available in the settings or preferences panel.

On a Mac client, click the gear icon to bring up the Preference page:

 mac-preference-button 

 and the graph icon to bring up the Statistics and Route Details page:

pointer to graph icon


On a Windows client, click the gear icon to get to Preferences, Statistics, and Route Details page.

windows preferences and details page



picture of LAN checkbox checked windows prefernce screen with allow local (LAN) checked

When the "Allow local (LAN)" setting is checked, the VPN IPv4 Tunnel mode will be reported as "Spilt Exclude" on the Statistics report, and your local subnets will be shown as "not secure" in the route details.

Stats window showing split exclude

shows that the route details include local IP range


When the "Allow local (LAN)" box is not checked the IPv4 Tunnel mode will be reported as Tunnel All on the statistics page, and there will be no networks listed as "non secure" on the Route details page.

shows allow local LAN setting not checked

shows Tunnel All in mode on stats page



shows no unsecure routes on route details page




Keywords:VPN LAN printing   Doc ID:81643
Owner:Debbie F.Group:University of Illinois Technology Services
Created:2018-04-17 21:34 CDTUpdated:2018-04-18 10:35 CDT
Sites:University of Illinois Technology Services
Feedback:  0   0