Solved

XP routing table changes kill Nortel Contivity VPN client

Posted on 2004-10-20
5
2,430 Views
Last Modified: 2013-12-23
Ok here's a tricky one.

We have been given the Nortel Contivity VPN client as a solution to access systems that are external to out network that we do not control.  We also have an internal Cisco based site-to-site VPN that connects all of our offices together.  Our corportate subnet is 10.10.10.0/24 and this problemed branch office subnet is 10.10.45.0/24.  All of our internal systems work great.

OK here is the problem.  A user on an XP machine will connect to the systems external to our netowrk without a problem using the Nortel Client.  Once connected they can access the systems they need until XP changes its internal routing table.  The Nortel Client automatically disconnects after a routing table change by design.  These branch office machines (10.10.45.0/24) access several servers on the corporate network (10.10.10.0/24).  One of the branch machines accesses say 10.10.10.23 for email it adds that address to its routing table and disconnects the Nortel VPN.

I thought I would get by with scripting a route add in the logon script that adds a route to each XP machine that looks like the following (route add 10.10.10.0 MASK 255.255.255.0 10.10.45.1 METRIC 1).  Well as you can see below 10.10.10.18 was also added automatically to the routing table therefore, killing the VPN.  If all of 10.10.10.0 traffic is already routed then why is XP routing each IP additionally?  I have to find a way to stop this so I can keep the Nortel VPN up.  Any suggestions?

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f 1f da 7c 61 ...... Broadcom NetXtreme 57xx Gigabit Controller - Pac
ket Scheduler Miniport
0x3 ...44 45 53 54 42 00 ...... Nortel IPSECSHM Adapter - Packet Scheduler Minip
ort
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.10.45.1     10.10.45.60       10
       10.10.10.0    255.255.255.0       10.10.45.1     10.10.45.60       1
      10.10.10.18  255.255.255.255       10.10.45.1     10.10.45.60       1
       10.10.45.0    255.255.255.0      10.10.45.60     10.10.45.60       10
      10.10.45.60  255.255.255.255        127.0.0.1       127.0.0.1       10
   10.255.255.255  255.255.255.255      10.10.45.60     10.10.45.60       10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        224.0.0.0        240.0.0.0      10.10.45.60     10.10.45.60       10
  255.255.255.255  255.255.255.255      10.10.45.60     10.10.45.60       1
  255.255.255.255  255.255.255.255      10.10.45.60               3       1
Default Gateway:        10.10.45.1
===========================================================================
Persistent Routes:
  None


Thanks!
JHarper
0
Comment
Question by:Jharper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 13

Expert Comment

by:masterbaker
ID: 12394313
Have you tried updating to the latest VPN client version?  You can go to Nortel's website to get a 30 day trial version of the latest client here:

http://www.nortelnetworks.com/products/01/contivity/multi_os/

I also found another similar problem to yours.  Here's a link to their post and the response:

http://www.broadbandreports.com/forum/remark,9677729~mode=flat

Sorry I don't have an exact fix for you.  I'll post back if I can come up with anything else.

Jeff
0
 
LVL 3

Author Comment

by:Jharper
ID: 12423470
Thanks for the suggestion Masterbaker..  The only way I've found to help the is to make the changes that I mentioned earlier.  I'll paste the piece of my Kixtart script below so that it may help someone else.

Shell ('%Comspec% /C route add 10.10.10.0 MASK 255.255.255.0 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.1 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.2 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.3 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.4 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.5 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.6 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.7 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.8 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.9 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.10 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.11 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.12 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.13 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.14 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.15 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.16 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.17 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.18 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.19 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.20 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.21 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.22 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.23 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.24 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.25 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.26 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.27 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.28 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.29 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
Shell ('%Comspec% /C route add 10.10.10.30 MASK 255.255.255.255 10.10.45.1 METRIC 1') ;Nortel VPN fix
0
 
LVL 3

Author Comment

by:Jharper
ID: 12524459
Mods:

Please close this question and refund my points.

Thank you,
Jharper
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 12818484
PAQed with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Resolve DNS query failed errors for Exchange
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question