The network administrator does not enable split tunneling. Is there a "special way" to enable local network access after the VPN is connected in Cisco VPN Client (Cisco AnyConnect is not enabled/allowed by the network administrator)?
After the VPN is connected in Cisco VPN Client, the default gateway will be the remote network only. Even the local subnet of the connected client machine cannot be accessed. An example,
I don't think adding static routes on the client machine can achieve this. So is there a "special way" to enable local network access after the VPN is connected, at least to the local subnet of the connected client machine (192.168.0.0/24)?
Actually, what I would like is to look for a workaround to defeat the whole purpose of not allowing split tunneling. Simply speaking, I want to "crack" it on the local machine.
I don't understand why Cisco would like to restrict it. I can copy the data from the remote network, disconnect the VPN, connect to my local network, and then copy it anywhere I want.
If you can crack it, Cisco has a job opening for you. Maybe the NSA does too.
The principle which it is designed to prevent is having an active two-way communications channel between a compromised machine and the secured remote network. True, it does not prevent an asynchronous or asymmetrical attack vector - but no security countermeasure prevents all attacks.
Whether or not you agree with why it makes sense, that is how it is designed to work.