Solved

How do I set a Route Add to allow a 2 VPN hop?

Posted on 2004-09-08
5
273 Views
Last Modified: 2010-03-18
My company LAN has a hardware VPN connection to a remote LAN where we have several systems. I can access these systems from computers on the company LAN (PING, TELNET, FTP,...). I can also access the company's resources via a Win XP VPN connection over DSL while at home. However, I cannot access the systems on the remote LAN over my DSL VPN connection. I can use Remote Desktop Connection after I have VPN'd to my office to access the remote systems but I'd just as soon access then directly.

The IPs involved are:
    Company LAN = 10.0.x.x
    Remote Systems = 13.28.x.x
    My home LAN = 192.168.x.x with DSL gateway connected to the internet.

How do use Route Add 13.28.0.0 mask 255.255.?.? ?.?.?.? to allow me access to the remote systems from home?

Thanks,
Lp
0
Comment
Question by:lpollis
  • 3
  • 2
5 Comments
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12013210
first get the internal ip address of the company lan's VPN server for the WinXP VPN. (I assume this is not the same hardware as the other VPN).  Call this IP address 10.0.x.y

Then add this to your computer:
route add 13.28.0.0 mask 255.255.0.0 10.0.x.y

if the company's VPN server that you connect to from the DSL is a windows computer, also check out Classless Static Routes DHCP Option
http://www.microsoft.com/technet/community/columns/cableguy/cg1003.mspx

using that, it will add this route to any computer that connects to it.
0
 

Author Comment

by:lpollis
ID: 12015596
Thank you. I tried your suggestion but I am still missing something. See below:
*************
C:\>route add 13.28.0.0 mask 255.255.0.0 10.0.0.250
The route addition failed: Either the interface index is wrong or the gateway does not lie on the same network as the interface. Check the IP Address Table for the machine.

Can you help further?
0
 
LVL 15

Accepted Solution

by:
adamdrayer earned 125 total points
ID: 12015795
ok.  you have to be connected to your Company's VPN.  It should then issue you a IP address through dhcp.  if you type "ipcofnig /all" you should see 2 network connections.  1 of them should be the VPN connection to your company.  In that case you would type the following:

route add 13.28.0.0 mask 255.255.0.0 10.0.0.250 IF 2

you can type "route print" to see exactly which interface is using 10.0.0.250 as a gateway.  That is the interface you want to specify when using this route.  You have to do this when you are connected, and you must do this everytime.
0
 

Author Comment

by:lpollis
ID: 12023447
Thank you. I finally got it to work. The result of the IPCONFIG/ALL showed that I was connected to 10.0.0.51. So the command:
    route add 13.28.0.0 mask 255.255.0.0 10.0.0.51
worked. I could not get the "if 2" to work; I'm not sure why. But, I can now TELNET to my remote systems without first having to log into REMOTE DESKTOP. Your solution helped me to find the right values to use in Route Add.
Thanks again,
Lp
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12023494
glad i could help =)
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now