Physical interface Default Gateway connecting VPN with AnyConnect

nyanko-nt · ‎09-14-2012

When I connect vpn with AnyConnect, I can't see default gateway on Physical Interface.

before connect vpn

==========================================

C:\WINDOWS\system32>ipconfig

Windows IP Configuration

Ethernet adapter Local Area

        Connection-specific DNS Suffix . :
        IP Address. . . . . . . . . . . . : 10.1.1.100
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.1.1.10

after connect vpn with anyconnect

==========================================

C:\WINDOWS\system32>
C:\WINDOWS\system32>ipconfig

Windows IP Configuration

Ethernet adapter Local Area

        Connection-specific DNS Suffix . :
        IP Address. . . . . . . . . . . . : 10.1.1.100
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :'Can't see default gateway'

Is this the specification of Anyconnect?

jonrojas · ‎09-14-2012

Nyanko,

This will happen when you are using tunnel all as the split tunneling policy, the computer will encrypt all the traffic so the default gateway will be removed from the physical connection and placed into the virtual adapter. If you take a look at the routing table you will see that what really happens is that the original default route's metric will be changed so that it is higher than the one injected by the virtual adapter, once you disconnect it should go back to normal.

Further information on split tunneling:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080975e83.shtml

HTH

Jonnathan