Windows – Cisco AnyConnect split tunneling on Windows 10

Tags: cisco-vpn-client, networking, vpn, windows 10

I'm having some issues dealing with a client's VPN.

Context:

I am an Android engineer and I'm working with a client whose resources, repositories, dashboards, email, CI/CD, etc. are behind a VPN network.

Issue:

There is a set of tools that I need to use to work on this client's app, but these tools aren't working behind the VPN because it appears that the VPN basically blocks everything (Google, Slack, Android Studio, etc.).

Question:

The iOS guys are using a tool called Shimo to do split tunneling with the VPN and the local internet connection, so they are able to access the resources behind the VPN and use their tools.

Is there something like that for Windows 10?

Notes:

  • I've been doing (a lot) of googling trying to find a similar tool that works with Cisco AnyConnect protocols without luck.
  • I tried to set up Windows 10 VPN.
  • I actually have two computers, so I've been trying to set up a local network between the two computers with a shared folder. That way I can clone the Git repo from the VPN'd computer into that shared folder and access it from my other computer with Android Studio and all the tools that I use. At least that was the idea, but as soon as I turn the VPN on, the VPN'd computer disappears from the network.
  • Tried to do the same thing with an Amazon Workspace VM but couldn't set up a shared folder.
  • Would be great to get a solution that doesn't require too much effort, maybe I'm missing some Shimo-like client for Windows out there?
  • The client is not flexible about the VPN, so allowing Slack, Google and things like that to go through the VPN isn't an option.

Edit 1:

  • I've been trying to configure Cisco's VPN adapter to use the default gateway on the remote network, like it says in this post. But on Windows 10 there's no option for that:

Example

  • I've been trying to use OpenConnect instead of Cisco, since OpenConnect supposedly supports Cisco's protocol. However, I'm not really sure how to import Cisco's profile into OpenConnect. My Cisco client works with a hostname for the VPN, a username and a password; you need to pick a group, and after that you need to enter a 2FA token that I get through the Symantec VIP app. I'm not really sure how to configure all this in OpenConnect:

Config example

Best Answer

The Cisco AnyConnect client must be blocking out the local network for the computer. This is dictated by the VPN server, but apparently the Shimo client can ignore it.

A replacement VPN client is OpenConnect, described as "an SSL VPN client initially created to support Cisco's AnyConnect SSL VPN" since "the Cisco client ... found it to have many deficiencies".

The login details of Cisco AnyConnect might be found in the file %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile, which is (or contains) an XML file.

This XML file might contain the tag HostAddress, which has the address of your VPN server. Note that it can also be HostName and there might be multiple tags. You need to pick the right one.

You might also need the VPN group as well. In that case, search for the keyword group in the XML (and probably XSD) to get the required group information.

More information about the structure of the XML file can be found in the article "Anyconnect XML preferences".

This is as far as I can go without having both products on my computer. Feel free to add to my answer any additional steps that you took.
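As an added example (not part of the original answer), the following Python sketch reads the server and group values out of an AnyConnect profile. It assumes the usual profile layout of `HostEntry` elements holding `HostName`, an optional `HostAddress` and an optional `UserGroup`, and that the group is appended to the server address as a URL path; the sample profile and its hostnames are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample profile (not from the original post); hostnames are placeholders.
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ServerList>
    <HostEntry>
      <HostName>Corp VPN (primary)</HostName>
      <HostAddress>vpn.example.com</HostAddress>
      <UserGroup>engineering</UserGroup>
    </HostEntry>
    <HostEntry>
      <HostName>vpn-backup.example.com</HostName>
    </HostEntry>
  </ServerList>
</AnyConnectProfile>
"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def parse_profile(xml_text):
    """Return one dict per <HostEntry>: display name, address, group, server URL."""
    root = ET.fromstring(xml_text)
    entries = []
    for node in root.iter():
        if local(node.tag) != "HostEntry":
            continue
        # Direct children only, so nested backup-server lists are not mixed in.
        fields = {local(c.tag): (c.text or "").strip() for c in node}
        name = fields.get("HostName", "")
        # HostAddress is optional; without it, HostName is the address to connect to.
        address = fields.get("HostAddress") or name
        group = fields.get("UserGroup", "")
        # Assumption: the group is reached as a path on the server URL.
        url = "https://" + address + ("/" + group if group else "")
        entries.append({"name": name, "address": address, "group": group, "url": url})
    return entries


if __name__ == "__main__":
    for e in parse_profile(SAMPLE_PROFILE):
        print(f"{e['name']}: server={e['address']} group={e['group'] or '-'} url={e['url']}")
```

To use it on a real profile, read the XML file from the Profile folder as text and pass it to `parse_profile`; when several entries are returned, pick the one whose name matches the connection shown in the AnyConnect client.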
