ASA 7.2 Split Tunnel Problem

Unanswered Question
Jul 8th, 2007

We have a ASA5510 setup with LAN to LAN and Remote Access VPN. We want the Remote Access clients to have local LAN access and direct Internet connectivity, not over the tunnel. The tunnel comes up and traffic can pass over it, we can also access the Internet, but over the tunnel and back out the VPN interface, this is not what we want. Only traffic to 10.1.2.X should be encrypted. In this sample the local LAN is 192.168.193.x

Each time a VPN client connects, it logs an error:


Cisco Systems VPN Client Version

Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 5.1.2600 Service Pack 2

Config file directory: C:\Program Files\Cisco Systems\VPN Client

1 14:18:40.062 07/09/07 Sev=Warning/2 CVPND/0xE3400013

AddRoute failed to add a route: code 87





2 14:18:40.078 07/09/07 Sev=Warning/2 CM/0xA3100024

Unable to add route. Network: c0a8c1ff, Netmask: ffffffff, Interface: ac10fc01, Gateway: ac10fc01.


Also looking at the Stats of the connection the protected network is

I have attached the config.

Any help would be great please.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
scottyd Sun, 07/08/2007 - 20:42

Also when a VPN client is connected the following is logged on the ASA

%ASA-3-305005: No translation group found for udp src outside: dst outside:

I know it is netbios traffic, but should this be like this?




This Discussion