cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
230
Views
0
Helpful
0
Replies
Stuart Patton
Beginner

Anyconnect tunnelling traffic to a non-secured destination

Hi,

 

Just wondered if anyone in the community has come across an issue with split-tunnelling where Anyconnect continues to tunnel traffic to an excluded destination?

 

To be clear, the Anyconnect client clearly shows a particular /14 supernet in the non-secured routes section and a "netstat -r -n" on the machine shows the correct prefix with a gateway as the IP address of the physical ethernet adapter.  However if I run Wireshark against the virtual adapter I can see traffic matching the supernet being tunnelled and I see it hit the ASA that terminates the VPN.  I'm capturing from the correct interface, because it's got the VA IP address and I see other traffic to my corporate LAN RFC1918 ranges.  I'm seeing this problem with 4.8.03036 landing on FTD 2140 running ASA 9.8(4)29.  

 

I don't really know how I can troubleshoot this any further without PSS/TAC.  Has anyone got any ideas?

 

Thanks,

Stuart

0 REPLIES 0
Content for Community-Ad