<div dir="ltr">Ultimately, the Cisco device you're connecting to determines whether you can do a split-tunnel, but from a security stand point split tunnels are a bad idea. I think VPNC doesn't have to obey the rules set by the cisco device you're connecting to.<br>
<br>I use vpnc + the NetworkManager add-on, it's fantastic. <br><br><br><div class="gmail_quote">On Sun, Oct 12, 2008 at 10:38 PM, Jim Popovitch <span dir="ltr"><<a href="mailto:yahoo@jimpop.com">yahoo@jimpop.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">2008/10/12 Jim Kinney <<a href="mailto:jim.kinney@gmail.com">jim.kinney@gmail.com</a>>:<br>
><br>
><br>
> On Sun, Oct 12, 2008 at 10:19 PM, Jim Popovitch <<a href="mailto:yahoo@jimpop.com">yahoo@jimpop.com</a>> wrote:<br>
>><br>
>> 2008/10/12 Jim Kinney <<a href="mailto:jim.kinney@gmail.com">jim.kinney@gmail.com</a>>:<br>
>> > Once the crisco fires up the only net access is through the crisco vpn.<br>
>><br>
>> That's a config issue.<br>
><br>
> I thought so too but the one time I _had_ to use a cisco client I never<br>
> found a way to set my own default route without disabling the vpn tunnel.<br>
<br>
</div>I don't currently have a .pcf file to see what the setting is, but the<br>
solution is that you must manually defined the subnets you want routed<br>
over the vpn -or- you allow the vpn client to route everything. IIRC,<br>
this can be overridden on the vpn concentrator configuration and the<br>
client can then be forced to route everything.<br>
<div><div></div><div class="Wj3C7c"><br>
-Jim P.<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
</div></div></blockquote></div><br><br>
</div>