Similarly VPN users complain that they cannot access other resources on their home network when the VPN connection is established This generally happens as a result of split-tunneling being disabled. While split-tunneling can pose security risks, these risks can be mitigated to a point by having strong, enforced security policies in place and automatically pushed to the client upon connection (for example, a policy could require that current antivirus software be installed, or that a firewall be present). On a PIX, use this command to enable split tunneling: vpngroup vpngroupname split-tunnel split_tunnel_acl You should have a corresponding access-list command that defines what will come through the encrypted tunnel and what will be sent out in the clear. For example,access-list split_tunnel_acl permit ip 10.0.0.0 255.255.0.0 any, or whatever your IP range is.