Solved: No Internet Access With Split-Tunneling Enabled - Page 2

Gaurav Kawale · ‎12-28-2015

Hello Everyone,

We're facing one issue related with Split-tunneling. Our VPN profile has split tunnel enabled with only allowed networks to be entered through tunnel and internet traffic is going locally. Now this is working fine almost for 90% of user but some users are unable to access the internet when they connected to VPN.Intranet is working fine. Below are some observations from affected user's machine:

1. When try to ping any public FQDN (E.g. google.com) it doesn't get resolved but when i try to ping with IP address it works.

2. Most users are accessing VPN from home internet connection who are on WiFi networks typically 192.168.1.0/24 network.

3. This issue is only faced by some users, other users who also connect to VPN via home WiFi can successfully access both internet & intranet.

4. Route print from users machine shows default gateway towards WiFi router (192.168.1.1 or private IP). DNS is also the same.

5. Took a packet capture from users machine on both AnyConnect adapter & WiFi adapter. After analyzing the captures it has been seen that public DNS queries are not seen in the capture which was ran on WiFi adapter.

Any guess what could be the problem?

Any help will be appreciated.

Thank You.

Regards,

Gaurav

Sebastian Velez · ‎01-26-2016

Gaurav,

Have you tried disabling the IPv6 option under the physical adapter?

Sebastian Velez · ‎01-29-2016

Hi Gaurav,

Have you tried the following command under the group-pollicy:

client-bypass-protocol enable

This should fix the problem without disabling the IPv6 feature on the adapter.

Gaurav Kawale · ‎01-31-2016

Thanks Sebastian. Will check it.