Cisco AnyConnect split tunneling on Windows 10


The Cisco AnyConnect client must be blocking out the local network for the computer. This is dictated by the VPN server, but apparently the Shimo client can ignore it.

A replacement VPN client is OpenConnect, described as "an SSL VPN client initially created to support Cisco's AnyConnect SSL VPN" since "the Cisco client ... found it to have many deficiencies".

The login details of Cisco AnyConnect might be found in the file %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile, which is (or contains) an XML file.

This XML file might contain the tag HostAddress, which has the address of your VPN server. Note that it can also be HostName and there might be multiple tags. You need to pick the right one.

You might also need the VPN group. In that case, search for the keyword group in the XML (and probably XSD) to get the required group information.

More information about the structure of the XML file can be found in the article "Anyconnect XML preferences".

This is as far as I can go without having both products on my computer. Feel free to add to my answer any additional steps that you took.
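The lookup described in the answer above, as an added example that is not part of the original answer: it lists each server entry in an AnyConnect profile with the address to dial and any group-like tags, then builds a matching OpenConnect command line. The sample profile and user name are constructed, the helper names are hypothetical, and mapping the profile's `UserGroup` to OpenConnect's `--usergroup` option is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample (not a real deployment), laid out like an AnyConnect profile.
SAMPLE_PROFILE = """\
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ServerList>
    <HostEntry>
      <HostName>Example HQ</HostName>
      <HostAddress>vpn.example.com</HostAddress>
      <UserGroup>contractors</UserGroup>
    </HostEntry>
    <HostEntry>
      <HostName>vpn-backup.example.com</HostName>
    </HostEntry>
  </ServerList>
</AnyConnectProfile>
"""

def local(tag):
    """Drop the '{namespace}' prefix ElementTree adds to tag names."""
    return tag.rsplit("}", 1)[-1]

def parse_profile(xml_data):
    """Return one dict per HostEntry: label, server to dial, group-like tags."""
    entries = []
    for elem in ET.fromstring(xml_data).iter():
        if local(elem.tag) != "HostEntry":
            continue
        fields = {local(c.tag): (c.text or "").strip()
                  for c in elem.iter() if c is not elem}
        entries.append({
            "name": fields.get("HostName", ""),
            # HostAddress is optional; fall back to HostName when it is absent.
            "server": fields.get("HostAddress") or fields.get("HostName", ""),
            "groups": {k: v for k, v in fields.items()
                       if "group" in k.lower() and v},
        })
    return entries

def openconnect_args(entry, user):
    """Assumption: the profile's UserGroup is passed as openconnect --usergroup."""
    args = ["openconnect", "--protocol=anyconnect", f"--user={user}"]
    if "UserGroup" in entry["groups"]:
        args.append("--usergroup=" + entry["groups"]["UserGroup"])
    return args + [entry["server"]]

if __name__ == "__main__":
    for e in parse_profile(SAMPLE_PROFILE):
        print(e["name"], "->", " ".join(openconnect_args(e, "alice")))
```

To read a real profile, pass the bytes of the XML file found under the Profile folder to `parse_profile`; when several entries come back, you still have to pick the right one.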


Author: 4gus71n


Updated on September 18, 2022

Comments

  • 4gus71n
    4gus71n over 1 year

    I'm having some issues dealing with a client's VPN.

    Context:

    I am an Android engineer and I'm working with a client whose resources, repositories, dashboards, email, CI/CD, etc. are behind a VPN network.

    Issue:

    There is a set of tools that I need to use to work on this client's app, but these tools aren't working behind the VPN because it appears that the VPN basically blocks everything (Google, Slack, Android Studio, etc.).

    Question:

    The iOS guys are using a tool called Shimo to do a split tunneling with the VPN and the local internet connection, so they are able to access the resources behind the VPN and use their tools.

    Is there something like that for Windows 10?

    Notes:

    • I've been doing (a lot) of googling trying to find a similar tool that works with Cisco AnyConnect protocols without luck.
    • I tried to set up Windows 10 VPN.
    • I actually have two computers, so I've been trying to set up a local network between the two computers with a shared folder; that way I can clone the Git repo from the VPN'd computer into that shared folder and access it from my other computer with Android Studio and all the tools that I use. At least that was the idea, but as soon as I turn the VPN on, the VPN'd computer disappears from the network.
    • Tried to do the same thing with an Amazon Workspace VM but couldn't set a share folder.
    • Would be great to get a solution that doesn't require too much effort, maybe I'm missing some Shimo-like client for Windows out there?
    • The client is not flexible about the VPN, so allowing Slack, Google and things like that to go through the VPN isn't an option.

    Edit 1:

    • I've been trying to configure the Cisco's VPN Adapter to use the default gateway on the remote network, like it says on this post. But on Windows 10 there's no option for that:

    Example

    • I've been trying to use OpenConnect instead of Cisco, since OpenConnect supposedly supports Cisco's protocol. However, I'm not really sure how to import Cisco's profile into OpenConnect. My Cisco client works with a hostname for the VPN, a username, and a password; you need to pick a group, and after that you need to enter a 2FA token that I get through the Symantec VIP app. I'm not really sure how to configure all this on OpenConnect:

    Config example

    • lx07
      lx07 almost 5 years
      I have a similar issue with Cisco VPN as client blocks everything. I therefore made a Windows 10 VM to connect to client (via AnyConnect) and the host can connect to internet as normal. Would that work for you?
    • 4gus71n
      4gus71n almost 5 years
      @lx07 Thanks for the comment. Yeah, the thing is that I'm running Android Studio (eats a lot of ram), Postman, design tools, Slack, tons of things, if I add a VM machine to all that I'm pretty sure that my computer is going to run as fast as a brick.
    • harrymc
      harrymc almost 5 years
      The Cisco AnyConnect client must be blocking out the local network for the computer. This is dictated by the VPN server, but apparently the Shimo client can ignore it. Try using OpenConnect, described as "an SSL VPN client initially created to support Cisco's AnyConnect SSL VPN" since "the Cisco client ... found it to have many deficiencies".
    • 4gus71n
      4gus71n almost 5 years
      @harrymc TBH I've been trying so many different VPN clients that I don't remember if I tried with OpenConnect or not. I think I did. But I think that I wasn't able to replicate Cisco AnyConnect's profile there. I'll give it a try once more and I'll let you know. Thanks for the info.
    • harrymc
      harrymc almost 5 years
      Let me know what you try and how you configured OpenConnect. Might be worth adding to the post.
    • harrymc
      harrymc almost 5 years
      This approach works; see this success story. I can't test it myself, as I don't have OpenConnect installed, but perhaps this article will help.
    • 4gus71n
      4gus71n almost 5 years
      @harrymc I updated the post. Still doing research, I'm trying to see if I can find some sort of script online that turns Cisco's profile into something that I can use on OpenConnect, or any other VPN client.
    • harrymc
      harrymc almost 5 years
      This is too long for comments, so I have started an answer.