diff --git a/pkg/handler/connect.go b/pkg/handler/connect.go
index aba24224..d8b3df27 100644
--- a/pkg/handler/connect.go
+++ b/pkg/handler/connect.go
@@ -420,7 +420,7 @@ func (c *ConnectOptions) startLocalTunServer(ctx context.Context, forwardAddress
 	}
 
 	var routes []types.Route
-	for _, ipNet := range util.RemoveLargerOverlappingCIDRs(cidrList) {
+	for _, ipNet := range util.RemoveCIDRsContainingIPs(util.RemoveLargerOverlappingCIDRs(cidrList), c.apiServerIPs) {
 		if ipNet != nil {
 			routes = append(routes, types.Route{Dst: *ipNet})
 		}