So replacing the default route uses tun0. Thats a good think. Now why isn't keeping the default route pointing those routes to tun0....
Your one alternate route wouldn't be for 1982.197.150.122 would it? I see that route appearing in the table but it points to your ath0 interface not tun0. I'm curious if it is getting added to the table at all, or if it is just getting added wrong. Let me fire up my laptop into Kubuntu today and take a look. I'm off to a meeting in a few so it will be later this afternoon but hopfully I can give you some better steps to get this working. I connect to a set of concentrators at work as well as an ASA at home and during testing I was able to get split tunneling to work even if the policy was against it. Bryan Stevenson wrote: > Hey Larry, > > OK...here's the routing info for the various scenarios: > > NO VPN CONNECTION: > [EMAIL PROTECTED]:~$ route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use Iface > 192.168.42.0 * 255.255.255.0 U 0 0 0 ath0 > link-local * 255.255.0.0 U 1000 0 0 ath0 > default 192.168.42.1 0.0.0.0 UG 0 0 0 ath0 > > > VPN CONNECTED (replace default route....no alternate routes): > [EMAIL PROTECTED]:~$ route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use Iface > pacrhqvpn3.pac. 192.168.42.1 255.255.255.255 UGH 0 0 0 ath0 > 192.168.42.0 * 255.255.255.0 U 0 0 0 ath0 > link-local * 255.255.0.0 U 1000 0 0 ath0 > default * 0.0.0.0 U 0 0 0 tun0 > > VPN CONNECTED (keeping default route....1 alternate route defined): > [EMAIL PROTECTED]:~$ route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use Iface > 192.197.150.122 192.168.42.1 255.255.255.255 UGH 0 0 0 ath0 > 192.168.42.0 * 255.255.255.0 U 0 0 0 ath0 > link-local * 255.255.0.0 U 1000 0 0 ath0 > default 192.168.42.1 0.0.0.0 UG 0 0 0 ath0 > > > So as you can see....when I keep the default route and use an alternate > one (that is set to use Tun0), the only adapter listed is Ath0?? Of > course the Tun0 adapter shows up as an available adapter when the VPN > connects....it's just not being used?? > > Cheers > > > > - > > Bryan Stevenson B.Comm. > VP & Director of E-Commerce Development > Electric Edge Systems Group Inc. > phone: 250.480.0642 > fax: 250.480.1264 > cell: 250.920.8830 > e-mail: [EMAIL PROTECTED] > web: www.electricedgesystems.com > > Notice: > This message, including any attachments, is confidential and may contain > information that is privileged or exempt from disclosure. It is intended > only for the person to whom it is addressed unless expressly authorized > otherwise by the sender. If you are not an authorized recipient, please > notify the sender immediately and permanently destroy all copies of this > message and attachments. > > > > > _______________________________________________ > Kvpnc-user mailing list > [email protected] > https://mail.gna.org/listinfo/kvpnc-user > _______________________________________________ Kvpnc-user mailing list [email protected] https://mail.gna.org/listinfo/kvpnc-user
