Disable CISCO VPN client routing for selected subnet on Mac OS X

I'm using a Mac laptop and when I am connected to the CISCO VPN, all traffic is routed through the tunnel. However I need to run a VM (VirtualBox with Ubuntu as guest) for certain services. VM is connected with host via Host-Only network (192.168.56.0/24). When the VPN is connected even traffic to this address range are also sent to the VPN so I can't connect to the VM anymore.

I've tried to mess around with route command a bit. When I tried

route change -net 192.168.56.0/24 192.168.56.1

to setup the route, I got sendto: Permission denied when I try to ping VM address.

What would be the correct route setup so I can connect to the VM (through vboxnet1 interface) while leave all other traffic through the VPN?


Finally I have figured out the reason for the "sendto: permission denied" error.

The routing table was added correctly. The problem comes from that Cisco AnyConnect VPN Client would automatically block any other traffic by modifying firewall (ipfw) rules on the host, adding one line like

01200  667 136583 deny ip from any to any

Removing this rule by

sudo ipfw delete 01200

will do.

Solution thanks to http://www.petefreitag.com/item/753.cfm