Breaking out of cisco anyconnect no local network restriction

from the category Hacking

Begin

I recently ran into the problem that my Linux distribution (Arch Linux) or window manager (awesome) did not quite work with Cisco's AnyConnect. The UI (vpnui) kept crashing without any explicit reason. Therefore, I was first of all looking for a way to get it working at all. I decided to set up a VM with Ubuntu 17.10 and installed libpangox-1.0-0, which is apparently needed for the UI. However, the VM got isolated from the local network by the routing and iptables rules that AnyConnect sets. The isolation could not be lifted via the XML setting, even though there is a dedicated option for it. The UI also offers a checkbox for "allowing" local network access; as expected, it does not work either (the client only honours that checkbox when the head-end policy permits local LAN access, so the setting is not under the user's control). There are two causes for the isolation.

1. Routing

2. Iptables

Further, I had trouble with the speed of the connection: the rate was limited to around 40 kB/s. All of this can be bypassed by a small script:

#!/bin/bash

# change the metric of the LAN interface (enp0s3 here) first, so it is preferred
sudo ifmetric enp0s3 1;
sleep 2;

# afterwards give the Cisco tunnel a worse metric
sudo ifmetric cscotun0 2;
sleep 2;

# drop the rule in the ciscovpn chain that drops all packets to the local network
# (rule 16 was that DROP rule in the author's setup; the index is specific to that chain state)
sudo iptables -D ciscovpn 16;
sleep 2;

# needed for the Unitymedia/IPv6 tunnel, as otherwise the packets get fragmented
sudo ifconfig cscotun0 mtu 1280;
sleep 2;

Afterwards, one can create a proxy from the host through the VM via an ssh local port forward (vm is the ssh host entry for the VM; INTERNAL_IP and PORT are placeholders for the internal service):
#!/bin/bash
ssh -N -L 8888:$INTERNAL_IP:$PORT vm
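The flip side of the procedure above: since both isolation mechanisms are plain kernel state, an endpoint check can verify they are still in place. The following audit helper is an added example, not code from the original post; it works on captured output of "iptables -S ciscovpn" and "ip route" so it runs offline, takes the chain and interface names (ciscovpn, cscotun0, enp0s3) from the post, and the sample rule and route lines are constructed for illustration.

```shell
#!/bin/sh
# Added audit helper (not from the original post). Reports whether the two
# AnyConnect isolation mechanisms discussed above are intact or bypassed.

# Constructed sample of "sudo iptables -S ciscovpn" while isolation is intact
# (the DROP rule is the kind of rule the post deletes by index).
SAMPLE_IPTABLES='-N ciscovpn
-A ciscovpn -o cscotun0 -j ACCEPT
-A ciscovpn -d 192.168.56.0/24 -j DROP'

# Constructed sample of "ip route" after the post's ifmetric changes.
SAMPLE_ROUTES='default via 192.168.56.1 dev enp0s3 metric 1
default dev cscotun0 scope link metric 2'

# metric_of DEV < route dump: prints the metric of DEV's default route
# (0 when no explicit metric is present); prints nothing if DEV has none.
metric_of() {
    awk -v dev="$1" '
        $1 == "default" {
            m = 0; hit = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "dev" && $(i+1) == dev) hit = 1
                if ($i == "metric") m = $(i+1)
            }
            if (hit) print m
        }'
}

# isolation_state IPTABLES_DUMP ROUTE_DUMP: prints "intact" only if the chain
# still carries a DROP rule and the tunnel still wins (lower metric) over the
# LAN interface; otherwise prints "bypassed".
isolation_state() {
    drop=$(printf '%s\n' "$1" | grep -c -- '^-A ciscovpn .*-j DROP' || true)
    lan=$(printf '%s\n' "$2" | metric_of enp0s3)
    tun=$(printf '%s\n' "$2" | metric_of cscotun0)
    if [ "$drop" -gt 0 ] && [ -n "$tun" ] && { [ -z "$lan" ] || [ "$tun" -lt "$lan" ]; }; then
        echo intact
    else
        echo bypassed
    fi
}

isolation_state "$SAMPLE_IPTABLES" "$SAMPLE_ROUTES"   # prints "bypassed"
```

On a live host, replace the constructed dumps with the output of the two commands to get the current state.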

hzgf. on 8 April 2018