This article is intended for anyone who will be using the Cisco AnyConnect VPN.
What is Split Tunneling?
VPN split tunneling lets you send some of your application or device traffic through an encrypted VPN, while other applications or devices have direct access to the internet. This is particularly useful if you want to benefit from services that perform best when your location is known while also enjoying secure access to potentially sensitive communications and data.
What does this mean for me?
Split-tunneling will send traffic meant for any university IP address, both the public addresses (137.99.x.x) and private addresses (10.x.x.x), used on campus. Most of the time this will not interfere with your ability to use non-university resources, however a few Internet providers and businesses might be using the same parts of private IP space in such a way that Split-tunneling will not allow you access to your local/non-university resources.
If, when you are connected to the VPN you discover that you have lost access to local resources on your home network, such as a network printer, this may be an indication of having an overlap with an existing UConn network. Since UConn cannot practically adjust is use of 10 space that overlaps with your home network. You will need to coordinate with your ISP (this may be Comcast, Cox, Spectrum, etc.) to move your home network to something that is more in-line with best practices. (e.g. 192.168.x.x). You can use the following commands on Windows/Mac to determine if you have an IP in the 10.x.x.x space:
Windows Computers
If you are on a Windows computer you can open a Command Prompt or Windows PowerShell by right clicking on the start button and selecting one of the two previously mentioned options. In the window you can type “ipconfig” and press enter. You will probably see something very similar to:
Ethernet adapter Ethernet: Connection-specific DNS Suffix . : hsd1.ct.comcast.net IPv4 Address. . . . . . . . . . . : 10.0.0.225 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.0.0.1
Macintosh Computers
If you're on a Mac computer, open up Terminal by going to Finder > Applications > Utilities > Terminal. In the window that opens, type in 'ifconfig' and press enter. You should see something similar to below:
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=400<CHANNEL_IO> ether 3c:22:fb:be:63:00 inet6 fe80::416:a486:685:ed95%en0 prefixlen 64 secured scopeid 0x6 inet 192.168.1.35 netmask 0xffffff00 broadcast 192.168.1.255 nd6 options=201<PERFORMNUD,DAD> media: autoselect status: active
What can I do?
This means that your network does in fact overlap with a UConn network. You will have two options.
- You will need to disconnect from the VPN to access local network resources, such as printers, scanners, NAS devices.
- Contact you ISP and ask them to help you move your network to a 192.168.???.??? Network.
Related Articles