asked on

VPN default gateway problem

Hi Guys,
i got a Windows 2003 VPN server behind cisco asa 5510 . windows clients can connect to the windows 2003 vpn server without any problem,also getting the ip address and dns server settings from the DHCP server, except the default gateway.
the default gateway is shown as 0.0.0.0 under ipconfig
when i 'route print' the results shows the default gateway is same as the ip address.
anu idea? please help me
we got VLAN's in the network
the DHCP server is on different VLAN to the windows RAS server. but i enabled the dhcp relay agent on the RAS, but still no luck.

I did issue a command on cisco 3560
Int vlan 6
ip helper-address <dhcp server ip>

please help me....

Gunter17

If you have an ASA, why not just use it as your VPN server?

It supports Cisco VPN Clients, and Windows PPTP/L2TP clients.

Here's the output of my ipconfig /all when connected via Cisco VPN Client.

Ethernet adapter Local Area Connection 2:
 
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Cisco Systems VPN Adapter
        Physical Address. . . . . . . . . : 00-05-9A-3C-78-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 10.0.250.4
        Subnet Mask . . . . . . . . . . . : 255.0.0.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 10.0.0.10

Open in new window

APPIREDDY

ASKER

thanks for the reply. i know, but for the timebeing i will have to make this windows server2003 work.my ipconfig on the client showes as below
C:\Users\reddy>ipconfig

Windows IP Configuration

PPP adapter Tns VPN:

Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 192.168.3.57
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0

also i got two nics on the RAS server as followes
VPN Network Adaptor
Ip add:192.168.3.10
sub mask:255.255.255.0
DG:192.168.3.1
DNS:192.168.0.6
LAN Adaptor
LAN Network Adaptor
Ip add:192.168.3.9
sub mask:255.255.255.0
DG:
DNS:

please advise if anything is wrong.

regards

Gunter17

Just curious, why have two NICs on the server pointing to the same internal network?

Is RRAS binding to the correct NIC?

Gunter17

Can I see a route print on the client as well.

APPIREDDY

ASKER

C:\Documents and Settings\lap>IPCONFIG

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

PPP adapter tns:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.3.52
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.3.52

C:\Documents and Settings\lap>ROUTE PRINT
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0b db 14 50 40 ...... 3Com 3C920 Integrated Fast Ethernet Controller
0x80004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 21
0.0.0.0 0.0.0.0 192.168.3.52 192.168.3.52 1
82.33.242.236 255.255.255.255 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
192.168.3.0 255.255.255.0 192.168.3.52 192.168.3.52 1
192.168.3.52 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.3.255 255.255.255.255 192.168.3.52 192.168.3.52 50
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.3.52 192.168.3.52 1
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
255.255.255.255 255.255.255.255 192.168.3.52 192.168.3.52 1
Default Gateway: 192.168.3.52
===========================================================================
Persistent Routes:
None

APPIREDDY

ASKER

ras IS BINDING TO THE CORRECT nic. ideally i want to separate VPN traffic from the Local network traffic.

APPIREDDY

ASKER

Hi Guys
i configured another windows 2003 server as VPN server and this time only one NIC i used, but still no luck on the client PC i have the following route information
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.111.1 192.168.111.27 4250
0.0.0.0 0.0.0.0 On-link 192.168.3.66 26
82.33.242.251 255.255.255.255 192.168.111.1 192.168.111.27 4251
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
169.254.0.0 255.255.0.0 On-link 192.168.30.1 4521
169.254.255.255 255.255.255.255 On-link 192.168.30.1 4501
192.168.3.66 255.255.255.255 On-link 192.168.3.66 281
192.168.30.0 255.255.255.0 On-link 192.168.30.1 4501
192.168.30.1 255.255.255.255 On-link 192.168.30.1 4501
192.168.30.255 255.255.255.255 On-link 192.168.30.1 4501
192.168.111.0 255.255.255.0 On-link 192.168.111.27 4506
192.168.111.27 255.255.255.255 On-link 192.168.111.27 4506
192.168.111.255 255.255.255.255 On-link 192.168.111.27 4506
192.168.220.0 255.255.255.0 On-link 192.168.220.1 4501
192.168.220.1 255.255.255.255 On-link 192.168.220.1 4501
192.168.220.255 255.255.255.255 On-link 192.168.220.1 4501
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 192.168.30.1 4506
224.0.0.0 240.0.0.0 On-link 192.168.220.1 4506
224.0.0.0 240.0.0.0 On-link 192.168.111.27 4511
224.0.0.0 240.0.0.0 On-link 192.168.3.66 26
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 192.168.30.1 4501
255.255.255.255 255.255.255.255 On-link 192.168.220.1 4501
255.255.255.255 255.255.255.255 On-link 192.168.111.27 4506
255.255.255.255 255.255.255.255 On-link 192.168.3.66 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 276 fe80::/64 On-link
16 276 fe80::/64 On-link
14 276 fe80::30d2:12f6:7194:55e/128
On-link
16 276 fe80::f992:3c7c:21d6:8954/128
On-link
1 306 ff00::/8 On-link
14 276 ff00::/8 On-link
16 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

I don't know why the default gateway is not picking up.but it can pick up DNS server addresses issued by DHCP server.should i have to do any port forwarding on ASA-5510? I have already doing port forwarding for pptp, isakmp,gre.please advise.

ASKER CERTIFIED SOLUTION

Gunter17

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

APPIREDDY

ASKER

i got the gateway, but it is showing the same as ip address. does it make sense?

Gunter17

My VPN connections show the gatway as the IP address as well.

Can you not get to any internal devices?

APPIREDDY

ASKER

thanks for the help. it's all working fine.thanks guys