i want to use a vbscript to add a route for my ipsec VPN

Posted on 2009-04-24
Last Modified: 2012-06-27
I'm using Vista and a Cisco VPN client.

The VPN client uses a Ipsec connection (no PPP)

There is an script over here to adjust the static route so you can use a splittunnel.

Would some one by so nice to change the script that will give me the same result as by ppp.

my config

Ethernet-adapter LAN-verbinding 4:

   Verbindingsspec. DNS-achtervoegsel:
     IPv4-adres. . . . . . . . . . . . :
   Subnetmasker. . . . . . . . . . . :
   Standaardgateway. . . . . . . . . :

Ethernet-adapter LAN-verbinding:

   Verbindingsspec. DNS-achtervoegsel:
   IPv4-adres. . . . . . . . . . . . :
   Subnetmasker. . . . . . . . . . . :
   Standaardgateway. . . . . . . . . :

Great thanks in advance
Question by:BrianvdB
    LVL 33

    Accepted Solution

    Cisco split tunneling is usually setup by the ASA administrator on the ASA.    You can't change it with a vbs script at the client side.   To check the routes, open up the Anyconnect client and click the STATISTICS tab, Details button, Route Details tab.  

    If you have the VPN client (not the anyconnect client),  then the client may have the stateful firewall turned on which prevents local lan access.   You can check that by right clicking on the icon tray vpn icon.

    If you are looking to adjust your workstation routes use the 'ROUTE' command at a command window.   ROUTE PRINT to list them, ROUTE ADD to add one, ROUTE CHANGE to edit and ROUTE DELETE to remove.   ROUTE /? will give you syntax details.

    Author Comment

    Mike thanks for reply,

    The code below looks in IPconfig for the dynamic IPadres from the PPP interface,
    After that it whil setup a new static route for aswell VPN and Internet.

    I wan't to do it in a same way for my Ipsec connection.
    herewith i'm able to get the same result as a split tunnel ain't I?

    Option Explicit
    Dim IP_Address
    Dim TmpFile : TmpFile = "c:\ip.txt"
    Dim route1
    route1 = "route add mask "
    IP_Address = GetIP()
    route1 = route1 & IP_Address
    Sub SaveIP
      Dim ws : Set ws = CreateObject("WScript.Shell")
  "%comspec% /c ipconfig > " & TmpFile, 0, True
      Set ws = Nothing
    End Sub
    Function GetIP()
      Dim fso : Set fso = CreateObject("Scripting.FileSystemObject")
      Dim re : Set re = New RegExp
      re.Global = TRUE
      Dim file, fileline, matches
      Dim pppsection : pppsection = False
    	Dim strComputer, objWMIService, colSystemInfo, objItem, strOS_Caption
    	strComputer = "."
    	Set objWMIService = GetObject("winmgmts:" _
    	    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 	
    	Set colSystemInfo = objWMIService.ExecQuery _
    	    ("Select Caption from Win32_OperatingSystem")
    	For Each objItem in colSystemInfo
    	     strOS_Caption = objItem.Caption
      If fso.FileExists(TmpFile) Then
        Set file = fso.OpenTextFile(TmpFile)
        Do While Not file.AtEndOfStream
          fileline = file.ReadLine
          If Not pppsection Then
            If left(fileline,3) = "PPP" Then
              pppsection = True
            End If
            If InStr(strOS_Caption, "Vista") > 0 Then
            	re.Pattern = "IPv4 Address[\. ]+: "
            	re.Pattern = "IP Address[\. ]+: "
            End If
            If re.Test(fileline) Then
              matches = split(fileline,":")
              GetIP = right(matches(1),len(matches(1))-1)
              pppsection = False
            End If
          End If
      End If
      Set re = Nothing
      Set fso = Nothing
    End Function
    Sub AddRoute
      Dim ws : Set ws = CreateObject("WScript.Shell")
  "%comspec% /c " & route1, 0, True
      Set ws = Nothing
    End Sub

    Open in new window

    LVL 33

    Assisted Solution

    Well, not really.  See the split tunnel config for the anywhere client is set at the ASA and is controlled by the Firewall admin.   If the spilit-tunnel only allows certain traffic to your local lan (or local gateway) there's nothing you can change on the client side to alter it, AFAIK.

    Author Comment

    Ok thanx,

    I'll have to look around who's the ASA administrator.

    greetings and thanx for yout effort.
    LVL 33

    Expert Comment

    OK then.  Anything else related to this that I can answer for you?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    Title # Comments Views Activity
    Excel lookup - fomrula-macro 5 53
    AnyConnect 3 45
    What does this Vista IE 9.0 mean? 9 39
    Macro to create Bar charts 4 48
    Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
    This article is the result of a quest to better understand Task Scheduler 2.0 and all the newer objects available in vbscript in this version over  the limited options we had scripting in Task Scheduler 1.0.  As I started my journey of knowledge I f…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now