We have enabled SSL VPN for externals users.
Everything is just fine for Windows users but Mac and Linux users have some troubles :
When the local network of the clients is a subnet of the tunneled routes, traffic destinated to the addresses of the client network does NOT go through the VPN adapter.
client network :
192.168.0.0/24 gw 192.168.0.1
tunneled routes (split tunnel):
VPN address pool :
If a VPN client talks to an address that is not in 192.168.0.0/24 but in 192.168.0.0/16, traffic is OK through VPN.
If a VPN client talks to an address that is in 192.168.0.0/24, traffic does not go through VPN adapter.
The route tables at VPN start indicates
default -> 192.168.0.1 (client interface)
192.168.0.0/16 -> 10.1.2.x (VPN adapter)
For example, if I try to ping 192.168.0.200, the route table adds an entry :
192.168.0.200 -> 192.168.0.x (client interface)
Wheras it should even not appear (because of the second line in the above list)
Is there any way to change that behavior (the device is an ASA 5510) ?