3

How can I configure my VPN client on OSX as a split tunnel? I don't want all my traffic to travel over the (slow) VPN. Surely there must be a way to add a default route that bypasses the VPN.

I am using the Cisco VPN Client version 4.9.0.1.0180 on OSX Snow Leopard.

Doug Harris
  • 27,811

2 Answers

3

This is configured on the server side by your administrators.

I'm connected via a Cisco VPN client and only traffic destined for our servers goes through the VPN interface. All other traffic goes straight out my internet connection without passing through the VPN.

The easiest solution (from a technical point of view) is to ask your administrators to configure the connection for split tunneling. That solution might not be easy (or even possible) from a political point of view.

Doug Harris
  • 27,811
  • Yes, politically a split-tunnel is dead in the water. I am looking for a work-around. In a Unix(like) environment, I can't imagine it would be impossible to fix up the routes after the fact. – Caffeine Coma Sep 21 '09 at 19:12
  • Yeah, I imagine with the right incantation of "route add" and "route change" commands, you'd be able to specify how traffic should go. You know about "netstat -r" to show route tables on OS X? – Doug Harris Sep 21 '09 at 20:26
  • 1
    Well, it looks like I have two default routes: the first one being the VPN, and the other one being my usual default. I'm not sure how to give one precedence over the other. I tried deleting and then re-adding the "real" default, so that it appears above the VPN default, but then all my traffic goes nowhere. – Caffeine Coma Sep 21 '09 at 22:58
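A way to check what the client actually pushed, as an added example that is not from the thread: it reads `netstat -rn` output (the route-table command Doug Harris mentions) and reports whether the active default route goes through the VPN interface (full tunnel), only specific prefixes do (split tunnel), or the interface is absent. The routing table below, the interface names utun0/en0 and all addresses are constructed, and the script assumes netstat lists the active default route first.

```shell
#!/bin/sh
# Added example: classify a macOS routing table as full-tunnel or split-tunnel.
# Input is the text of `netstat -rn` (a constructed sample here); the first
# "default" entry is taken as the active default route (an assumption).

# Constructed sample of the IPv4 section of `netstat -rn` with a VPN up on utun0.
SAMPLE_RT='Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            10.10.0.1          UGSc           12        0    utun0
default            192.168.1.1        UGScI          10        0      en0
10.10.0.0/16       10.10.0.1          UGSc            0        0    utun0
127                127.0.0.1          UCS             0        0      lo0
192.168.1          link#4             UCS             1        0      en0'

# Print the interface (Netif column) of every "default" entry, in table order.
default_ifaces() {
    awk '$1 == "default" { print $6 }'
}

# Print the interface carrying the active (first-listed) default route.
active_default_iface() {
    default_ifaces | head -n 1
}

# Decide the tunnel mode for the VPN interface given as $1, table on stdin:
#   full  - the active default route points at the VPN interface
#   split - only specific prefixes are routed via the VPN interface
#   down  - the VPN interface appears in no route at all
tunnel_mode() {
    vpn_if="$1"
    table=$(cat)
    if ! printf '%s\n' "$table" | awk -v i="$vpn_if" '$6 == i { found=1 } END { exit !found }'; then
        echo down
    elif [ "$(printf '%s\n' "$table" | active_default_iface)" = "$vpn_if" ]; then
        echo full
    else
        echo split
    fi
}

# Stand-alone usage: classify the constructed sample (prints "full").
printf '%s\n' "$SAMPLE_RT" | tunnel_mode utun0
```

On a live machine, replace the sample with `netstat -rn | tunnel_mode utun0` after checking which utun interface the client created (`ifconfig`).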
0

Yes, I've just tried to do this in Linux: the "route del" or "ip route del" command is accepted without an error, but the AnyConnect default route doesn't go anywhere.

The only workaround I can think of is to virtualize the IP stack that the AnyConnect client is running under: either full-fledged HW virtualization or at least something like a docker container... which obviously has other practical downsides, as you are effectively encapsulating the whole machine where AnyConnect is running.

At a political level, perhaps it's better to stick to the "agreement" with the AnyConnect system admin that you are entering by using the VPN session. If the admin says no, the right thing to do is just refrain from workarounds...

frr
  • 273