ArubaOS 8.6.0.0Help Center
You are here: Home > Remote Access Points > Split Tunneling

Understanding Split Tunneling

The split tunnelingfeature allows you to optimize traffic flow by directing only corporate traffic back to theManaged Device, while local application traffic remains local. This ensures that local traffic does not incur the overhead of the round trip to theManaged Device, which decreases traffic on theWANWide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance.link and minimizes latency for local application traffic. This is useful for sites that have local servers and printers. With split tunneling, a remote user associates with a singleSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network., not multipleSSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network., to access corporate resources (for example, a mail server) and local resources (for example, a local printer). Theremote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.examines sessionACLs访问控制列表。ACL is a common way of restricting certain types of traffic on a physical port.to distinguish between corporate traffic destined for theManaged Deviceand local traffic.

Figure 1Sample Split Tunnel Environment

Figure 1displays corporate traffic which isGREGeneric Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network.tunneled to theManaged Devicethrough a trusted tunnel and local traffic is sent through thesource NATSource NAT changes the source address of the packets passing through the router. Source NAT is typically used when an internal (private) host initiates a session to an external (public) host.and bridged on the wired interface based on the configured user role and sessionACL访问控制列表。ACL is a common way of restricting certain types of traffic on a physical port..

/*]]>*/
Baidu