Which of the following can be determined from the Route Details tab of the VPN Client Statistics dialog box shown above? (Select the best answer.)

• 300-735 : All Parts

By default, all traffic from a VPN client is passed through an encrypted tunnel to the VPN server. However, with split tunneling, only traffic destined for a protected subnet is passed through the encrypted tunnel? all other traffic is processed normally. You can define protected subnets on the VPN server by entering the network address of each protected subnet on the Split Tunneling tab of the Group Policy window or by specifying an access control list (ACL) that includes each protected subnet. When a client establishes a VPN session, the list of protected subnets is passed from the VPN server to the VPN client as part of the session configuration parameters.
Alternatively, the VPN client can be configured to pass all nonlocal traffic through an encrypted tunnel to the VPN server. If the group policy on the VPN server permits local LAN access and the VPN client is configured to allow local LAN access, all traffic that is not destined to the local LAN is sent through the encrypted tunnel. For example, if the VPN client had a locally configured route to the 192.168.13.0/24 network, packets destined for that network would be processed normally. However, any packets destined for a network not in the VPN client’s routing table, such as the Internet, would pass through the encrypted tunnel to the VPN server. This configuration is represented on the Route Details tab of the VPN Client Statistics dialog box shown below:

The VPN Client Statistics dialog box does not indicate that the client cannot access devices on the 172.16.20.0/24 network. Because the 172.16.20.0/24 network is listed in the Secured Routes pane, traffic destined for the 172.16.20.0/24 network will pass through the encrypted tunnel to the VPN server. However, traffic destined for a network not in the Secured Routes pane, such as the Internet or the local LAN, will not pass through the tunnel and will be processed normally.
Likewise, the VPN Client Statistics dialog box does not indicate that the client cannot access devices on the local LAN. Because the router is configured for split tunneling, only traffic destined for a network in the Secured Routes pane is passed through an encrypted tunnel to the VPN server. All other traffic, including local LAN traffic, is processed normally.
You cannot determine from the Route Details tab of the VPN Client Statistics dialog box whether the client is configured to use transparent tunneling. The Tunnel Details tab of the VPN Client Statistics dialog box indicates whether the client is configured to use transparent tunneling. Transparent tunneling facilitates the creation of IP Security (IPSec) tunnels through a firewall or Network Address Translation (NAT) device. When transparent tunneling is enabled on the client, encrypted packets are encapsulated in Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packets prior to transmission through the firewall or NAT device.