URGENT: Way to set a network annotation to include range of std class C networks.
I want ot create a tunnel that will route traffic for anything from 192.168.10.0-192.168.35.0
They are all standard networks using 255.255.255.0
so when my vpn connects i can hit remote boxes w/ no extra step.
[me] ---VPN----> [main office] ----hardwareVPN--->[remote
Main office knows about all the networks.. i need to use a virtual adapter to connect to main office... I just need my adapter to know
to use it for a range of class C networks... or it will just send to my 0.0.0.0 route which wont work because i split tunnel.
They are all standard networks using 255.255.255.0
so when my vpn connects i can hit remote boxes w/ no extra step.
[me] ---VPN----> [main office] ----hardwareVPN--->[remote
Main office knows about all the networks.. i need to use a virtual adapter to connect to main office... I just need my adapter to know
to use it for a range of class C networks... or it will just send to my 0.0.0.0 route which wont work because i split tunnel.
ASKER
Safenet.
I think its what cisco uses. Watchguard uses this also. I have watchguard.
I wanted to do it via the vpn policy so that its only active when I am using a VPN.
maybe i just cant do it... maybe its more of a question for watchguard an how there software sets up VPN routes.
I think its what cisco uses. Watchguard uses this also. I have watchguard.
I wanted to do it via the vpn policy so that its only active when I am using a VPN.
maybe i just cant do it... maybe its more of a question for watchguard an how there software sets up VPN routes.
I would test it first so you are sure it works before you add policy. This will help you troubleshoot the routing first before you work on policy.
why don't you put the route on your default gateway (router / firewall) rather than on your pc? that way there's only one step - every time someone requests a resource at the 192.168.35 network, your router will get them to the right place.
ASKER
let me explain better:
ok, in the main office our hardware device connects to a bunch of branch offices via hardware VPN. Hub/spoke
From there i can ping any network i want all day long no problems.
when im out of the office my software vpn connects to the main office. But it split tunnels. so anything not sent to the main offices specific network does not make it. The vpn virtal adapter only knows to route that one subnet... it does not know about the others.. .the main network im connecting to does.
SO route add would work. because its just a matter of knowing Use adapter Virtual, vs sending unkown to th e 0.0.0.0 route.
I am just trying to do it via the muvpn setup so I do not have to configure route on each pc, and a way to enable and disable it when users are remote/in the office.
ok, in the main office our hardware device connects to a bunch of branch offices via hardware VPN. Hub/spoke
From there i can ping any network i want all day long no problems.
when im out of the office my software vpn connects to the main office. But it split tunnels. so anything not sent to the main offices specific network does not make it. The vpn virtal adapter only knows to route that one subnet... it does not know about the others.. .the main network im connecting to does.
SO route add would work. because its just a matter of knowing Use adapter Virtual, vs sending unkown to th e 0.0.0.0 route.
I am just trying to do it via the muvpn setup so I do not have to configure route on each pc, and a way to enable and disable it when users are remote/in the office.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Oups sorry.. i did that hours ago. I had that a while back but never tested it because it looked like it was creating a seperate vpn instead of route... but it does just work like a route.. and you only have to auth one time for all 15 networks..
so its working this way. But you got it right.. thanks
so its working this way. But you got it right.. thanks
Glad I could help.
Are you going to award points for this?
ASKER
oups..was out of town on busniness...
sure.
sure.
Thank you!
Create a route on your computer.
for example:
route add [remote office network IP] mask 255.255.255.0 [address of main office VPN to VPN remote network] [your VPN interface address] -p
the -p makes the route persistent (still there if you reboot)
BTW what VPN Client are you using - MS, Cisco?