Ivanti Secure Access Client Options that apply to Linux client

• Route Precedence—You can define which routing table takes precedence:

• Tunnel Routes—The route table associated with the virtual adapter take precedence. The client overwrites the physical interface routes if there is conflict between the virtual adapter and the physical adapters. The Client restores the original routes when the connection is ended.

• Tunnel Routes with local subnet access —Network traffic addressed to the networks defined in the split tunnel resource policies goes through the VPN tunnel. Network traffic that is addressed to the directly connected (local) subnet goes to the local subnet. The default route is set to the local subnet, so all other network traffic is subject to the original endpoint routing table.

• Endpoint Routes—The route table associated with the endpoint’s physical adapter take precedence.

• Route Monitor—The client can monitor the route tables and take appropriate action.

  Yes – VPN tunneling ends the connection only if the route change affects the VPN tunnel traffic. For example, if the route metric is changed higher, it should not disconnect VPN tunneling.

  No – Route tables can change on the client endpoint.