New Member

AnyConnect 2.5.x secured and non-secured routes

Hi - I use AnyConnect to establish a secure tunnel to a corporate office.  I prefer to route only corporate traffic through the tunnel.  How do I change AnyConnect to allow for split routes and to add routes for corporate and leave the default route for everything else as is without the VPN established?

e.g.:

Corporate networks: 10.0.0.0/8 & 172.0.0.0/8

Local network:     192.168.1.0/24

Local Interface:     1 (192.x.x.50)

VPN Interface:      5 (172.x.x.65)

I've attempted to add the following to my AnyConnectProfile.tmpl but no changes:

<ClientInitialization>
   <PPPExclusion UserControllable="true">Override</PPPExclusion>
</ClientInitialization>

<AnyConnectPreferences>
   <ControllablePreferences>
      <PPPExclusion>Automatic
      <PPPExclusionServerIP>204.217.125.37</PPPExclusionServerIP></PPPExclusion>
   </ControllablePreferences>
</AnyConnectPreferences>

Any help here is much appreciated.  Thanks...

1 REPLY
New Member

Re: AnyConnect 2.5.x secured and non-secured routes

I believe what you are looking for is 'Split-tunneling'. Have a look at your Group Policy.

ASDM

Configuration > Remote Access VPN > Network (Client) Access > Group Policies, and then under 'Advanced' select 'Split-Tunneling' and set up an ACL to define the traffic to either be included or excluded.

If you are going to use an AnyConnect Profile, then under preferences you can check off 'Local Lan Access'.

Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Client Profile
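
The split-tunnel setup the reply describes through ASDM, written as the equivalent ASA CLI; this is an added example, not part of either post. The ACL and group-policy names are placeholders, and the networks are the ones listed in the question.

```cisco
! Added example. SPLIT_TUNNEL_ACL, LOCAL_LAN_ACL and EXAMPLE_GP are placeholder
! names; use the group policy that the AnyConnect connection profile references.

! Option A: tunnel only the listed networks, everything else keeps using the
! client's own default route. Networks are as written in the question.
access-list SPLIT_TUNNEL_ACL standard permit 10.0.0.0 255.0.0.0
access-list SPLIT_TUNNEL_ACL standard permit 172.0.0.0 255.0.0.0
!
group-policy EXAMPLE_GP attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_TUNNEL_ACL

! Option B (instead of A): tunnel everything except the client's local LAN.
! Host 0.0.0.0 stands for "whatever subnet the client is attached to"; the
! client must also have Local LAN Access enabled in its preferences.
! access-list LOCAL_LAN_ACL standard permit host 0.0.0.0
! group-policy EXAMPLE_GP attributes
!  split-tunnel-policy excludespecified
!  split-tunnel-network-list value LOCAL_LAN_ACL

! Check what the policy now carries, then reconnect the client so it
! receives the new route list.
show running-config group-policy EXAMPLE_GP
```

With option A only the listed prefixes are protected by the tunnel, so keep the ACL as narrow as the corporate address plan allows.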
