Hello Tony,
> Thanks for providing the version. Just a side note, do you have
> experience setting the server as the default gateway (i.e., all
> traffic goes through the server) using ocserv? I tried to set the
> route as 0.0.0.0/0.0.0.0 however the iOS client did not forward all
> its traffic through the server.
I have the same problem. AnyConnect has two modes: Split Route, that
means that only some routes will be provided over the VPN and others
will go directly and Full Mode where the default route goes over the
VPN. ocserv currently announces to anyconnect the split mode. The
problem is that with the split mode you can not push the default route
or at least not in an obvious way. Pushing other routes works. I have a
Cisco ASA which I have configured for both modes (split and full) but
the Cisco ASA is currently offline and I'm 3000 kms away on a business
trip. As soon as I'm back on Sunday I want to take it back online and
find out how the full route is announced and than let the list know.
Cheers,
Thomas
