On Thu, 2011-11-24 at 12:21 -0600, Mathew Crane wrote: > I am trying to connect remotely to my company's resources via their > Cisco VPN. They offer .p12 SSL-based ASA gateways that I can > successfully connect to and navigate company resources, access email, > etc. However, I am not able to navigate to resources located outside > of the company intranet while connected; for example, google.com or > en.wikipedia.org are unreachable and I receive '503 Gateway' errors > when navigating to external URLS. Your VPN server is requesting a full tunnel, so that's what it gets. You can work around this by using a 'wrapper' around the standard vpnc-script, which changes the environment variables that tell it what to do. See http://david.woodhou.se/vpnc-script-intel.sh for an example which may be useful to you. Note that the last line of it is intended to run your "normal" vpnc-script, wherever you've put it. And you'll obviously want to change it to set the networks that *you* want to route to the VPN. > I am also unable to split tunnel with this connection using > network-manager-openconnect (the infamous 'Use this connection only > for resources on its network' option). Using openconnect from CLI with > the default vpnc vpnc-script yields same results. Hm, I thought we fixed that. What version of NetworkManager is this? -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5818 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20111124/73c4e51f/attachment.bin>
