APPIREDDY
asked on
VPN default gateway problem
Hi Guys,
i got a Windows 2003 VPN server behind cisco asa 5510 . windows clients can connect to the windows 2003 vpn server without any problem,also getting the ip address and dns server settings from the DHCP server, except the default gateway.
the default gateway is shown as 0.0.0.0 under ipconfig
when i 'route print' the results shows the default gateway is same as the ip address.
anu idea? please help me
we got VLAN's in the network
the DHCP server is on different VLAN to the windows RAS server. but i enabled the dhcp relay agent on the RAS, but still no luck.
I did issue a command on cisco 3560
Int vlan 6
ip helper-address <dhcp server ip>
please help me....
i got a Windows 2003 VPN server behind cisco asa 5510 . windows clients can connect to the windows 2003 vpn server without any problem,also getting the ip address and dns server settings from the DHCP server, except the default gateway.
the default gateway is shown as 0.0.0.0 under ipconfig
when i 'route print' the results shows the default gateway is same as the ip address.
anu idea? please help me
we got VLAN's in the network
the DHCP server is on different VLAN to the windows RAS server. but i enabled the dhcp relay agent on the RAS, but still no luck.
I did issue a command on cisco 3560
Int vlan 6
ip helper-address <dhcp server ip>
please help me....
ASKER
thanks for the reply. i know, but for the timebeing i will have to make this windows server2003 work.my ipconfig on the client showes as below
C:\Users\reddy>ipconfig
Windows IP Configuration
PPP adapter Tns VPN:
Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 192.168.3.57
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
also i got two nics on the RAS server as followes
VPN Network Adaptor
Ip add:192.168.3.10
sub mask:255.255.255.0
DG:192.168.3.1
DNS:192.168.0.6
LAN Adaptor
LAN Network Adaptor
Ip add:192.168.3.9
sub mask:255.255.255.0
DG:
DNS:
please advise if anything is wrong.
regards
C:\Users\reddy>ipconfig
Windows IP Configuration
PPP adapter Tns VPN:
Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 192.168.3.57
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
also i got two nics on the RAS server as followes
VPN Network Adaptor
Ip add:192.168.3.10
sub mask:255.255.255.0
DG:192.168.3.1
DNS:192.168.0.6
LAN Adaptor
LAN Network Adaptor
Ip add:192.168.3.9
sub mask:255.255.255.0
DG:
DNS:
please advise if anything is wrong.
regards
Just curious, why have two NICs on the server pointing to the same internal network?
Is RRAS binding to the correct NIC?
Is RRAS binding to the correct NIC?
Can I see a route print on the client as well.
ASKER
C:\Documents and Settings\lap>IPCONFIG
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
PPP adapter tns:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.3.52
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.3.52
C:\Documents and Settings\lap>ROUTE PRINT
========================== ========== ========== ========== ========== =========
Interface List
0x1 .......................... . MS TCP Loopback interface
0x2 ...00 0b db 14 50 40 ...... 3Com 3C920 Integrated Fast Ethernet Controller
0x80004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
========================== ========== ========== ========== ========== =========
========================== ========== ========== ========== ========== =========
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 21
0.0.0.0 0.0.0.0 192.168.3.52 192.168.3.52 1
82.33.242.236 255.255.255.255 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
192.168.3.0 255.255.255.0 192.168.3.52 192.168.3.52 1
192.168.3.52 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.3.255 255.255.255.255 192.168.3.52 192.168.3.52 50
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.3.52 192.168.3.52 1
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
255.255.255.255 255.255.255.255 192.168.3.52 192.168.3.52 1
Default Gateway: 192.168.3.52
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
PPP adapter tns:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.3.52
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.3.52
C:\Documents and Settings\lap>ROUTE PRINT
==========================
Interface List
0x1 ..........................
0x2 ...00 0b db 14 50 40 ...... 3Com 3C920 Integrated Fast Ethernet Controller
0x80004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
==========================
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 21
0.0.0.0 0.0.0.0 192.168.3.52 192.168.3.52 1
82.33.242.236 255.255.255.255 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
192.168.3.0 255.255.255.0 192.168.3.52 192.168.3.52 1
192.168.3.52 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.3.255 255.255.255.255 192.168.3.52 192.168.3.52 50
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.3.52 192.168.3.52 1
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
255.255.255.255 255.255.255.255 192.168.3.52 192.168.3.52 1
Default Gateway: 192.168.3.52
==========================
Persistent Routes:
None
ASKER
ras IS BINDING TO THE CORRECT nic. ideally i want to separate VPN traffic from the Local network traffic.
ASKER
Hi Guys
i configured another windows 2003 server as VPN server and this time only one NIC i used, but still no luck on the client PC i have the following route information
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.111.1 192.168.111.27 4250
0.0.0.0 0.0.0.0 On-link 192.168.3.66 26
82.33.242.251 255.255.255.255 192.168.111.1 192.168.111.27 4251
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
169.254.0.0 255.255.0.0 On-link 192.168.30.1 4521
169.254.255.255 255.255.255.255 On-link 192.168.30.1 4501
192.168.3.66 255.255.255.255 On-link 192.168.3.66 281
192.168.30.0 255.255.255.0 On-link 192.168.30.1 4501
192.168.30.1 255.255.255.255 On-link 192.168.30.1 4501
192.168.30.255 255.255.255.255 On-link 192.168.30.1 4501
192.168.111.0 255.255.255.0 On-link 192.168.111.27 4506
192.168.111.27 255.255.255.255 On-link 192.168.111.27 4506
192.168.111.255 255.255.255.255 On-link 192.168.111.27 4506
192.168.220.0 255.255.255.0 On-link 192.168.220.1 4501
192.168.220.1 255.255.255.255 On-link 192.168.220.1 4501
192.168.220.255 255.255.255.255 On-link 192.168.220.1 4501
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 192.168.30.1 4506
224.0.0.0 240.0.0.0 On-link 192.168.220.1 4506
224.0.0.0 240.0.0.0 On-link 192.168.111.27 4511
224.0.0.0 240.0.0.0 On-link 192.168.3.66 26
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 192.168.30.1 4501
255.255.255.255 255.255.255.255 On-link 192.168.220.1 4501
255.255.255.255 255.255.255.255 On-link 192.168.111.27 4506
255.255.255.255 255.255.255.255 On-link 192.168.3.66 281
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
IPv6 Route Table
========================== ========== ========== ========== ========== =========
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 276 fe80::/64 On-link
16 276 fe80::/64 On-link
14 276 fe80::30d2:12f6:7194:55e/1 28
On-link
16 276 fe80::f992:3c7c:21d6:8954/ 128
On-link
1 306 ff00::/8 On-link
14 276 ff00::/8 On-link
16 276 ff00::/8 On-link
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
I don't know why the default gateway is not picking up.but it can pick up DNS server addresses issued by DHCP server.should i have to do any port forwarding on ASA-5510? I have already doing port forwarding for pptp, isakmp,gre.please advise.
i configured another windows 2003 server as VPN server and this time only one NIC i used, but still no luck on the client PC i have the following route information
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.111.1 192.168.111.27 4250
0.0.0.0 0.0.0.0 On-link 192.168.3.66 26
82.33.242.251 255.255.255.255 192.168.111.1 192.168.111.27 4251
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
169.254.0.0 255.255.0.0 On-link 192.168.30.1 4521
169.254.255.255 255.255.255.255 On-link 192.168.30.1 4501
192.168.3.66 255.255.255.255 On-link 192.168.3.66 281
192.168.30.0 255.255.255.0 On-link 192.168.30.1 4501
192.168.30.1 255.255.255.255 On-link 192.168.30.1 4501
192.168.30.255 255.255.255.255 On-link 192.168.30.1 4501
192.168.111.0 255.255.255.0 On-link 192.168.111.27 4506
192.168.111.27 255.255.255.255 On-link 192.168.111.27 4506
192.168.111.255 255.255.255.255 On-link 192.168.111.27 4506
192.168.220.0 255.255.255.0 On-link 192.168.220.1 4501
192.168.220.1 255.255.255.255 On-link 192.168.220.1 4501
192.168.220.255 255.255.255.255 On-link 192.168.220.1 4501
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 192.168.30.1 4506
224.0.0.0 240.0.0.0 On-link 192.168.220.1 4506
224.0.0.0 240.0.0.0 On-link 192.168.111.27 4511
224.0.0.0 240.0.0.0 On-link 192.168.3.66 26
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 192.168.30.1 4501
255.255.255.255 255.255.255.255 On-link 192.168.220.1 4501
255.255.255.255 255.255.255.255 On-link 192.168.111.27 4506
255.255.255.255 255.255.255.255 On-link 192.168.3.66 281
==========================
Persistent Routes:
None
IPv6 Route Table
==========================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 276 fe80::/64 On-link
16 276 fe80::/64 On-link
14 276 fe80::30d2:12f6:7194:55e/1
On-link
16 276 fe80::f992:3c7c:21d6:8954/
On-link
1 306 ff00::/8 On-link
14 276 ff00::/8 On-link
16 276 ff00::/8 On-link
==========================
Persistent Routes:
None
I don't know why the default gateway is not picking up.but it can pick up DNS server addresses issued by DHCP server.should i have to do any port forwarding on ASA-5510? I have already doing port forwarding for pptp, isakmp,gre.please advise.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i got the gateway, but it is showing the same as ip address. does it make sense?
My VPN connections show the gatway as the IP address as well.
Can you not get to any internal devices?
Can you not get to any internal devices?
ASKER
thanks for the help. it's all working fine.thanks guys
It supports Cisco VPN Clients, and Windows PPTP/L2TP clients.
Here's the output of my ipconfig /all when connected via Cisco VPN Client.
Open in new window