Hi - I use AnyConnect to establish a secure tunnel to a corporate office. I prefer to route only corporate traffic through the tunnel. How do I change AnyConnect to allow for split routes and to add routes for corporate and leave the default route for everything else as is without the VPN established?
Corporate networks: 10.0.0.0/8 & 184.108.40.206/8
Local network: 192.168.1.0/24
Local Interface: 1 (192.x.x.50)
VPN Interface: 5 (172.x.x.65)
I've attempted to add the following to my AnyConnectProfile.tmpl but no changes:
Re: AnyConnect 2.5.x secured and non-secured routes
I believe what you are looking for is 'Split-tunneling'. Have a look at your Group Policy:
Configuration > Remote Access VPN > Network (Client) Access > Group Policies, and then under 'Advanced' select 'Split-Tunneling' and set up an ACL to define the traffic to either be included or excluded.
If you are going to use an AnyConnect Profile, then under Preferences you can check off 'Local Lan Access'.
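
The group-policy setting described in the reply, written as ASA CLI. This is an added example, not part of the original thread. The names SPLIT_TUNNEL_ACL, LOCAL_LAN_ACL and EXAMPLE_GP are placeholders, and only the 10.0.0.0/8 network from the question is shown; any further corporate network would get its own permit line.

```cisco
! Placeholder names (assumptions): SPLIT_TUNNEL_ACL, LOCAL_LAN_ACL, EXAMPLE_GP
!
! Include list: only traffic to the listed networks enters the tunnel;
! everything else keeps using the client's existing default route.
access-list SPLIT_TUNNEL_ACL standard permit 10.0.0.0 255.0.0.0
group-policy EXAMPLE_GP attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_TUNNEL_ACL
!
! Alternative: tunnel everything except the client's own LAN.
! The client must also have 'Local Lan Access' checked in its preferences.
! access-list LOCAL_LAN_ACL standard permit host 0.0.0.0
! group-policy EXAMPLE_GP attributes
!  split-tunnel-policy excludespecified
!  split-tunnel-network-list value LOCAL_LAN_ACL
```

With `tunnelspecified`, traffic to destinations outside the ACL leaves through the local interface and is not seen by corporate inspection or logging. `show running-config group-policy EXAMPLE_GP` confirms which policy is in effect.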