Re: Cisco VPN Client - Packet not going to tunnel

Dave Tremblay · ‎05-16-2011

Hello,

I have a Cisco VPN Client on my Windows 7 configured to connect to a ASA in split tunnelling. When I get connect, I do receive the split tunnel routes configured in my ASA ACL but when I snif packet on my pc, traffic is not going to the define routes for my tunnel, it's going anywhere...

These are my routes on WIN7 when connected to VPN. When I ping 10.96.10.16... I dont get any packet on my capture on my VPN Interface.

Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
0.0.0.0          0.0.0.0       10.120.0.1      10.120.0.31     20
10.80.0.0      255.255.0.0     205.237.81.1    206.237.81.11    100
10.96.10.0    255.255.255.0     205.237.81.1    206.237.81.11    100
10.120.0.0    255.255.255.0         On-link       10.120.0.31    276
10.120.0.1 255.255.255.255         On-link       10.120.0.31    100
10.120.0.31 255.255.255.255         On-link       10.120.0.31    276
10.120.0.255 255.255.255.255         On-link       10.120.0.31    276

What I don't understand is the 205.237.81.1.. it does'nt exist....

Any ideas...

Dave

andamani · ‎05-16-2011

Hi,

Can you check the nat exemption on the headend.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

Dave Tremblay · ‎05-16-2011

Here you go...

access-list NAT_exemption line 1 extended permit ip 10.0.0.0 255.0.0.0 205.237.80.0 255.255.255.0

access-list NAT_exemption line 2 extended permit ip 10.96.10.0 255.255.255.0 205.237.81.0 255.255.255.224

access-list NAT_exemption line 2 extended permit ip 10.80.0.0 255.255.0.0 205.237.81.0 255.255.255.224

Dave