p_bhvn
asked on
how to add static route after connecting to Cisco VPN
Hi,
We have 2 networks in our office 192.168.1.x and 192.168.116..x. There's a windows XP box (SP3) in 192.168.1.x and has default gateway (192.168.1.1) set for connecting internet and other network 192.168.116.x.
When this box connects to remote Cisco VPN, its Default gateway gets changed and 192.168.116.x is not accessible (we don't need Internet here but must be able to connect the other network while being connected to VPN as well). So, i added a static route (after connecting to VPN) as below but no use.
route add 192.168.116.0 mask 255.255.255.0 192.168.1.1 metric 1
when i tried tracert it does not display any gateway/hop except for *.
Please advise.
Thanks
Bhvn
We have 2 networks in our office 192.168.1.x and 192.168.116..x. There's a windows XP box (SP3) in 192.168.1.x and has default gateway (192.168.1.1) set for connecting internet and other network 192.168.116.x.
When this box connects to remote Cisco VPN, its Default gateway gets changed and 192.168.116.x is not accessible (we don't need Internet here but must be able to connect the other network while being connected to VPN as well). So, i added a static route (after connecting to VPN) as below but no use.
route add 192.168.116.0 mask 255.255.255.0 192.168.1.1 metric 1
when i tried tracert it does not display any gateway/hop except for *.
Please advise.
Thanks
Bhvn
ASKER
Hi JasonTracy,
LocalLAN option enabled in the VPN client and I'm able to access ALL LAN resources within 192.168.1.x. But i'm NOT able to access 192.168.116.x even after adding the static route as
route add 192.168.116.0 mask 255.255.255.0 192.168.1.1 metric 1
Thanks,
Bhvn
LocalLAN option enabled in the VPN client and I'm able to access ALL LAN resources within 192.168.1.x. But i'm NOT able to access 192.168.116.x even after adding the static route as
route add 192.168.116.0 mask 255.255.255.0 192.168.1.1 metric 1
Thanks,
Bhvn
The VPN client wins over what is in the XP routes. You are doing the XP part right.
Go to Status, Statistics, and choose the "Route Details" tab when connected over VPN. What does it say for local LAN routes and Secured Routes?
Go to Status, Statistics, and choose the "Route Details" tab when connected over VPN. What does it say for local LAN routes and Secured Routes?
ASKER
Hi,
Local LAN Routes have only 1 entry:
Network = 192.168.1.0
Subnet Mask = 255.255.255.0
and Secured Routes have only 1 entry:
Network = 0.0.0.0
Subnet Mask = 0.0.0.0
This could be because there're no in-built static routes entered into the VPN client. But My concern here is that i ran the static route command after connecting to VPN which should work. Am i wrong?
Please advise if there's any other way i could access my other network (perhaps, another NIC? etc.)
Thanks
Bhvn
Local LAN Routes have only 1 entry:
Network = 192.168.1.0
Subnet Mask = 255.255.255.0
and Secured Routes have only 1 entry:
Network = 0.0.0.0
Subnet Mask = 0.0.0.0
This could be because there're no in-built static routes entered into the VPN client. But My concern here is that i ran the static route command after connecting to VPN which should work. Am i wrong?
Please advise if there's any other way i could access my other network (perhaps, another NIC? etc.)
Thanks
Bhvn
Ok, the problem is that "Secured Routes" is set to everything. While the "allow local access" box allows access to 192.168.1.0/24, the VPN client is being told by the VPN server that everything else MUST be encrypted and sent to the VPN server. This includes packets bound for 192.168.16.0/24.
The company that has the VPN server needs to use "Split Tunneling" and only tunnel the networks they need. For example, if you're accessing something on the 192.168.100.0/24 network, only that network should be listed in the secured routes table.
The company that has the VPN server needs to use "Split Tunneling" and only tunnel the networks they need. For example, if you're accessing something on the 192.168.100.0/24 network, only that network should be listed in the secured routes table.
ASKER
Also, OS command "route print" shows the static route that i added.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sorry, I keep saying 192.168.16.0/24 when I mean 192.168.116.0/24.
ASKER
Thank you jasonTracy for the support you have provided...
So what do you need to do if you have two NICs? I intend for one NIC to be connected to the VPN, and for the other to be connected to the Local LAN... How would I add the static routes to get my second NIC to direct traffic for my local network. The VPN network is on 10.0.1.X while my local network is on 192.168.0.X. Thanks!
Many companies do not allow a VPN client user to access both a local network and the VPN network, as there are some security issues with that.