AnyConnect and default gateway

Unanswered Question
Sep 28th, 2008

Hi,

I'm using the AnyConnect client version 2.1 on a bunch of Windows XP workstations. My problem is that after a successful connect to my asa 5505 the default gateway that I set dissapears after about 30 seconds. So basically, everything works for half a minute but without a default gateway, nothing will work (obviously)

The output ipconfig /all :

IP Address. . . . : 192.168.1.242

Subnet Mask . . . . . : 255.255.255.0

Default Gateway . . . . : 192.168.1.1

DNS Servers . . . . . . . : 192.168.1.4

Then after a while (no default gateway):

IP Address. . . . : 192.168.1.242

Subnet Mask . . . . . : 255.255.255.0

Default Gateway . . . . :

DNS Servers . . . . . . . : 192.168.1.4

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
robbhanMid Sun, 09/28/2008 - 08:06

I think so. I don't have access to the asa right now so I can't tell for sure.

In what way does it matter?

Marwan ALshawi Sun, 09/28/2008 - 16:18

if u dont have it evry thraffic from ur computer will go through the tunnel vpn

if u have it u can decide which traffic should be tunnel and anything elde use the normal computer setting..try it and let me know if it is the cause !!!

robbhanMid Tue, 09/30/2008 - 00:35

Thanx for your reply.

Is the spilt tunneling a client setting on each host or can I set it in the asa. Thru an ip pool setting perhaps?

Marwan ALshawi Tue, 09/30/2008 - 08:22

split tunnel configured on the ASA

u use it to spicify what trafic should be send over the vpn tunnel and what should use the PC seeting

for example if ur internal network is 192.168.1.0/24

u creat an ACL that match this traffic and put it in the wevvpn setting in the group-policy as a split tunnel list

inthis case if the user want to use the internet and the vpn at the same time

traffic going to 192.168.0/24 will go through the tunnel and any other traffic will use the PC network setting

by defualt all traffic goes over the tunnel !!

the folowing simple config:

group-policy svc-client internal

group-policy svc-client attributes

wins-server value 192.168.0.102

dns-server value 192.168.0.102

vpn-tunnel-protocol svc

split-tunnel-policy tunnelspecified

split-tunnel-network-list value split

access-list split standard permit 192.168.0.0 255.255.255.0

the split ACL represent the internal netwrok that the user will send his traffic to it as a tunneled traffic

good luck

if helpful Rate

sr2623235 Sun, 10/12/2008 - 07:30

Hi there,

I'm also having similar kind of problem...as soon as the ssl vpn gets connected the default gateway to the internet goes away...

Before conneciton

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 10.1.1.60

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.1.1.254

After Connection

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 10.1.1.60

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Ethernet adapter Local Area Connection 7:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 192.168.251.1

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.251.1

here you can see that my connection to the internet is 10.1.1.X and ip that vpn leases is 192.168.251.x ...and you can see that my defauls gateway to the internet gets vanished...i have given tunnelall in group-policy...and when i am connected i cannot ping or connect to any or devices that are behind that asa...please suggest me what to do correct the problem..

Thanks,

Joe

Actions

Login or Register to take actions

This Discussion

Posted September 28, 2008 at 12:18 AM
Stats:
Replies:6 Avg. Rating:
Views:605 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard