Network: How to fully bypass Cisco VPN Client and Server LAN restriction

You may have encountered, like me, problems with LAN access while using the Cisco VPN Client.

This software blocks all LAN access as soon as the tunnel connection is established (by changing the network routes on all local interfaces). There’s an “enable LAN” option in the Cisco VPN client, but it may be overridden by the server’s rules.

Here is how you can fully bypass these restrictions, allowing you to access both VPN and local servers.

First: follow the instructions on Lennart Schedin’s blog: http://blog.lesc.se/2011/06/how-to-bypass-cisco-vpn-client-lan.html

He basically says:

  • install Shrew Soft VPN Client as a replacement for the Cisco VPN client
  • add an exclude filter for your LAN’s IP range (right click on the connection / properties / Policy tab)
  • launch the connection

Then: you can check using “route print” (on Windows): you’ll see that the VPN tunnel has not changed the local routes. BUT, access to your LAN may still fail due to added routes…
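
To see which route Windows would actually select for a LAN address once the tunnel is up, the following added example (not from this post or from Lennart Schedin’s blog) parses the IPv4 table of “route print” and applies longest-prefix, then lowest-metric selection. The sample table, the addresses and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of the IPv4 part of `route print` (not from the post).
# Assumed addressing: LAN adapter 192.168.1.50, VPN adapter 10.8.0.23.
SAMPLE = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
         10.0.0.0        255.0.0.0         10.8.0.1       10.8.0.23      1
      192.168.1.0    255.255.255.0          On-link    192.168.1.50    281
      192.168.1.0  255.255.255.128         10.8.0.1       10.8.0.23      1
Persistent Routes:
  None
"""

IP = r"\d+\.\d+\.\d+\.\d+"
# Active-route rows have five columns; header and persistent rows do not match.
ROW = re.compile(rf"^\s*({IP})\s+({IP})\s+(On-link|{IP})\s+({IP})\s+(\d+)\s*$")

def parse_routes(text):
    """Return the active IPv4 routes found in `route print` output."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            dest, mask, gateway, iface, metric = m.groups()
            routes.append({
                "net": ipaddress.ip_network(f"{dest}/{mask}", strict=False),
                "gateway": gateway, "iface": iface, "metric": int(metric),
            })
    return routes

def best_route(routes, target):
    """Pick the route for target: longest prefix first, then lowest metric."""
    addr = ipaddress.ip_address(target)
    matches = [r for r in routes if addr in r["net"]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r["net"].prefixlen, -r["metric"]))

def leaves_via(text, target, iface):
    """True if traffic to target would leave through the adapter with address iface."""
    route = best_route(parse_routes(text), target)
    return route is not None and route["iface"] == iface

if __name__ == "__main__":
    for host in ("192.168.1.10", "192.168.1.200", "10.20.30.40"):
        r = best_route(parse_routes(SAMPLE), host)
        print(host, "->", r["iface"], "via", r["gateway"])
```

In the constructed table the added /25 route is more specific than the on-link /24, so 192.168.1.10 is sent into the tunnel while 192.168.1.200 stays on the LAN adapter.
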
At this point you are close to the final step: you just need to change the routes. Below is an example BAT file to do so:
