How do I configure Shrewsoft's VPN client to only route traffic to a certain IP address through the VPN?

We're using Shrewsoft's VPN client to connect to a third party development server. However, it seems to be configured to send all or nothing through the VPN. The devs have to disconnect from the VPN to get email/internet access back.

The server that needs to be accessed via the VPN is on a specific (local - 10.x.x.x) IP address and a specific ports. Can we configure the Shrewsoft client application to only route traffic to that one address and/or port through the VPN and to route anything else though the usual channels?

If so, how is it done? I'm not a VPN specialist and the options are confusing.

In the absence of any Shewsoft VPN client specific advice, what should I be search for? Split tunnels?

In properties window of VPN connection profile, go to (1) Policy tab. There you can add routes.

(2) Uncheck Obtain Topology Automatically or Tunnel All
(3) Click Add.
(4) Set Type to Include.
(5) Set Address to the exact IP you want. (6) Set Netmask to

Screenshot of Shrew Soft VPN Access Manager's "Add Route" dialog boxes.

See also: Shrew Soft VPN Client Admin Guide: Policy Settings (Archived here.)

March 16, 2011 13:35 PM

To Compliment Nikola's answer further:

You would need to Disable the 'Obtain Topology Automatically or Tunnel All' check box first to reveal the lower part where you add the routes as per his response.

See: Similar Question (StackOverflow) for more details

Hope this helps

May 11, 2012 06:10 AM

I am running Shrew Soft on a Linux VM without GUI. Does anyone now which setting tot set in the connection file to disable "Tunnel All" and limit the vpn connection to only 1 IP?

June 12, 2019 07:25 AM

