This seems like it should be easy, but I'm not recalling how to do this. Each client has always been granted access to different resources (usually subnets) at the server via the CCD file matching their connection name. I usually create "split" tunnels - specifying only certain private subnets or servers be accessed via the tunnel via push "route ..." commands.
On a computer, assuming I have admin privileges, I manipulate things by adding a specific route to the endpoint through the local gateway, then deleting the default route, then adding a default route through the tunnel. Everything BUT the endpoint (and any other specific routes on the client) is routed through the tunnel.
Is there a CCD file push command I can use to do this? Perhaps where keywords are replaced by the actual values, like:
push "route <VPN_Endpoint> 255.255.255.255 <current_default_gateway>"
push "route 0.0.0.0 0.0.0.0"
Like I said, I'm used to pushing specific subnet routes using the push in the ccd file, but how to configure to become the default gateway is proving difficult to find.
