[c-nsp] ASA 5520 Remote Access VPN

Eimantas Zdanevičius eimantas at occ.lt
Wed Feb 4 02:45:00 EST 2009

Sigurbjörn Birkir Lárusson wrote:
> Something along these lines if you wanted to just send and
> through the VPN tunnel
> tunnel-group testgroup general-attributes
>     default-group-policy testpolicy
> group-policy testpolicy internal
> group-policy testpolicy attributes
>     split-tunnel-policy tunnelspecified
>     split-tunnel-network-list value TunnelList
> access-list TunnelList standard permit
> access-list TunnelList standard permit
> BR,
> Sibbi
This perfectly sets routes for specified networks.
But how to disable default gateway setting on vpn client?

If i go to ASA ASDM->Configuration->VPN->Default Tunnel Gateway it says:

To configure default tunnel gateway, go to Static Route.

i have two static routes configured:

S    aaa.bbb.ccc.ddd [1/0] via, inside
S* [1/0] via, outside

More information about the cisco-nsp mailing list