Inverse split tunneling, Using the 0.0.0.0/0 subnet wildcard, Configuring the subnet wildcard – Panasonic 7 User Manual
Chapter 4 Configuring user tunnels 87
To select the split tunneling mode in which you wish to operate, the Split
Tunneling drop-down menu has been modified to include two new options:
Enabled - Inverse and Enabled - Inverse (locally connected). The default will
remain Disabled.
Inverse split tunneling
Using the 0.0.0.0/0 subnet wildcard
The option to perform auto-detection of directly connected local subnets is
configured by adding a subnet of 0.0.0.0 with a 0.0.0.0 mask to the inverse split
tunnel networks list on the Nortel VPN Router. When the NVC receives the list of
inverse split networks, it expands the 0.0.0.0 to be all of the directly connected
local subnets detected on the host. Any additional subnets in a list are processed as
before. The 0.0.0.0/0 is simply a wildcard to be expanded. After expansion, traffic
destined for these subnets is allowed to flow outside of the tunnel. While this
option is valid for both the Inverse Split and Inverse Split (Locally Connected)
modes, it is really only useful for the first variant. The subnets generated by the
0.0.0.0/0 expansion always pass the Locally Connected test because, by definition,
they must be locally connected. Any additional subnets listed are either
duplicates of the wildcard expansion or do not pass the test.
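The expansion described above, as an added example that is not taken from the Nortel manual or the NVC client: a Python model of how the 0.0.0.0/0 entry is expanded against the host's interfaces in both inverse modes. The function names, the sample addresses and the exact-match reading of the Locally Connected test are assumptions.

```python
import ipaddress

WILDCARD = ipaddress.ip_network("0.0.0.0/0")

def connected_subnets(interfaces):
    """Directly connected subnets derived from (address, netmask) pairs."""
    return {ipaddress.ip_interface(f"{addr}/{mask}").network
            for addr, mask in interfaces}

def expand_inverse_split(pushed, interfaces, locally_connected=False):
    """Return the networks whose traffic flows outside the tunnel.

    pushed: (subnet, mask) pairs as configured in the inverse split list.
    locally_connected: model the "Inverse (locally connected)" mode. The test
    is assumed here to be an exact match against a connected subnet.
    """
    local = connected_subnets(interfaces)
    outside = set()
    for subnet, mask in pushed:
        net = ipaddress.ip_network(f"{subnet}/{mask}")
        if net == WILDCARD:
            outside |= local          # wildcard expands to every local subnet
        elif not locally_connected or net in local:
            outside.add(net)          # other entries are processed as before
    return sorted(outside)

def bypasses_tunnel(destination, outside):
    """True if traffic to destination leaves the host outside the tunnel."""
    dst = ipaddress.ip_address(destination)
    return any(dst in net for net in outside)

# Constructed sample data (not from the manual).
INTERFACES = [("192.168.1.23", "255.255.255.0"), ("10.20.0.5", "255.255.0.0")]
PUSHED = [("0.0.0.0", "0.0.0.0"), ("172.16.5.0", "255.255.255.0"),
          ("192.168.1.0", "255.255.255.0")]

if __name__ == "__main__":
    for mode in (False, True):
        nets = expand_inverse_split(PUSHED, INTERFACES, locally_connected=mode)
        print("locally connected" if mode else "inverse", [str(n) for n in nets])
        for dst in ("192.168.1.50", "172.16.5.9", "203.0.113.9"):
            print("  ", dst, "outside" if bypasses_tunnel(dst, nets) else "tunnel")
```

Because the expansion is computed from the host's own interfaces, the set of destinations that bypass the tunnel changes with every network the client joins.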
Configuring the subnet wildcard
To configure the subnet wildcard:
1 Select Profiles > Groups > Edit > IPsec.
Figure 12 shows the Edit > IPsec page with Inverse split tunneling.
Nortel VPN Router Configuration — Basic Features