Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote VPN Default Gateway

I have an ASA 5510 terminating a remote access VPN using Cisco VPN client 4 and 5. Recently I have been advised that users are having trouble accessing network shares and I have found that the default gateway assigned to remote clients is invalid. The address pool for remote clients is x.x.1.235 - x.x.1.250. When I connect to the VPN and do an ipconfig I get a default-gateway of x.x.0.1. This address is part of our network but is a server and not a router. I am unable to find a command to set the default-gateway for remote access clients. Once I manually change the default-gateway everything seems to work. The problem is that users do not have admin rights to their PCs so are unable to change the default gateway. Where is this default-gateway being assigned to the address pool and how do I specify what default-gateway remote client should receive?

3 REPLIES
New Member

Re: Remote VPN Default Gateway

Use of split-tunneling should fix your problem.

Create an acl to specify VPN networks:

access-list networks_accessible_VPN standard permit x.x.x.x mask (vpn networks)

Use your VPN similar to below and add split tunnel functionality using the above acl:

group-policy remote_vpn_users attributes

banner none

split-tunnel-policy tunnelspecified

split-tunnel-network-list value networks_accessible_VPN

Traffic in the above acl will be encrypted and use the VPN tunnel.

All traffic will use your default gateway unencrypted and unaffected by tunnel traffic.

New Member

Re: Remote VPN Default Gateway

That seemed to fix the problem. Thank you for your help

Silver

Re: Remote VPN Default Gateway

Hi,

When you do an ipconfig on the client, how many adapters and how many default gateways do you have? Do you have a default gateway for the cisco vpn adapter and the ethernet adapter?

Thanks

John

283
Views
0
Helpful
3
Replies
CreatePlease login to create content