i want to use a vbscript to add a route for my ipsec VPN

Posted on 2009-04-24
Medium Priority
Last Modified: 2012-06-27
I'm using Vista and a Cisco VPN client.

The VPN client uses a Ipsec connection (no PPP)

There is an script over here to adjust the static route so you can use a splittunnel.

Would some one by so nice to change the script that will give me the same result as by ppp.

my config

Ethernet-adapter LAN-verbinding 4:

   Verbindingsspec. DNS-achtervoegsel: xxx.com
     IPv4-adres. . . . . . . . . . . . :
   Subnetmasker. . . . . . . . . . . :
   Standaardgateway. . . . . . . . . :

Ethernet-adapter LAN-verbinding:

   Verbindingsspec. DNS-achtervoegsel:
   IPv4-adres. . . . . . . . . . . . :
   Subnetmasker. . . . . . . . . . . :
   Standaardgateway. . . . . . . . . :

Great thanks in advance
Question by:BrianvdB
  • 3
  • 2
LVL 33

Accepted Solution

MikeKane earned 2000 total points
ID: 24226013
Cisco split tunneling is usually setup by the ASA administrator on the ASA.    You can't change it with a vbs script at the client side.   To check the routes, open up the Anyconnect client and click the STATISTICS tab, Details button, Route Details tab.  

If you have the VPN client (not the anyconnect client),  then the client may have the stateful firewall turned on which prevents local lan access.   You can check that by right clicking on the icon tray vpn icon.

If you are looking to adjust your workstation routes use the 'ROUTE' command at a command window.   ROUTE PRINT to list them, ROUTE ADD to add one, ROUTE CHANGE to edit and ROUTE DELETE to remove.   ROUTE /? will give you syntax details.

Author Comment

ID: 24231106
Mike thanks for reply,

The code below looks in IPconfig for the dynamic IPadres from the PPP interface,
After that it whil setup a new static route for aswell VPN and Internet.

I wan't to do it in a same way for my Ipsec connection.
herewith i'm able to get the same result as a split tunnel ain't I?

Option Explicit
Dim IP_Address
Dim TmpFile : TmpFile = "c:\ip.txt"
Dim route1
route1 = "route add mask "
IP_Address = GetIP()
route1 = route1 & IP_Address
Sub SaveIP
  Dim ws : Set ws = CreateObject("WScript.Shell")
  ws.run "%comspec% /c ipconfig > " & TmpFile, 0, True
  Set ws = Nothing
End Sub
Function GetIP()
  Dim fso : Set fso = CreateObject("Scripting.FileSystemObject")
  Dim re : Set re = New RegExp
  re.Global = TRUE
  Dim file, fileline, matches
  Dim pppsection : pppsection = False
	Dim strComputer, objWMIService, colSystemInfo, objItem, strOS_Caption
	strComputer = "."
	Set objWMIService = GetObject("winmgmts:" _
	    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 	
	Set colSystemInfo = objWMIService.ExecQuery _
	    ("Select Caption from Win32_OperatingSystem")
	For Each objItem in colSystemInfo
	     strOS_Caption = objItem.Caption
  If fso.FileExists(TmpFile) Then
    Set file = fso.OpenTextFile(TmpFile)
    Do While Not file.AtEndOfStream
      fileline = file.ReadLine
      If Not pppsection Then
        If left(fileline,3) = "PPP" Then
          pppsection = True
        End If
        If InStr(strOS_Caption, "Vista") > 0 Then
        	re.Pattern = "IPv4 Address[\. ]+: "
        	re.Pattern = "IP Address[\. ]+: "
        End If
        If re.Test(fileline) Then
          matches = split(fileline,":")
          GetIP = right(matches(1),len(matches(1))-1)
          pppsection = False
        End If
      End If
  End If
  Set re = Nothing
  Set fso = Nothing
End Function
Sub AddRoute
  Dim ws : Set ws = CreateObject("WScript.Shell")
  ws.run "%comspec% /c " & route1, 0, True
  Set ws = Nothing
End Sub

Open in new window

LVL 33

Assisted Solution

MikeKane earned 2000 total points
ID: 24243049
Well, not really.  See the split tunnel config for the anywhere client is set at the ASA and is controlled by the Firewall admin.   If the spilit-tunnel only allows certain traffic to your local lan (or local gateway) there's nothing you can change on the client side to alter it, AFAIK.

Author Comment

ID: 24248948
Ok thanx,

I'll have to look around who's the ASA administrator.

greetings and thanx for yout effort.
LVL 33

Expert Comment

ID: 24260847
OK then.  Anything else related to this that I can answer for you?

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Deploying a Microsoft Access application in a Citrix environment is not difficult but takes a few steps. However, Citrix system people are often of little help, as they typically know next to nothing about Access. The script provided here will take …
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question