Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Windows 7 does not add proper Route for Client VPN connection

Posted on 2014-08-01
5
Medium Priority
?
1,092 Views
Last Modified: 2014-08-01
Windows 7 Pro
Meraki MX60 Security Device
Client VPN using AD authentication.

When I connect to the MX60 I am connected with no problem I get ip address 192.168.70.140
I try to ping the 192.168.69.1 the lan port on the MX60 I get no response.

I have an iPhone and ipad that I can VPN connect with and both of those devices work can ping 192.168.69.1 no issue
also have Mac notebook Air LAN or wifi connection both work Only windows 7 giving me a problem.

Before I connect I do an route print  this is what I see
C:\Users\Thomas>route print
===========================================================================
Interface List
 13...80 c1 6e df 35 1a ......Intel(R) 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.238.122.1    10.238.122.69     10
     10.238.122.0    255.255.255.0         On-link     10.238.122.69    266
    10.238.122.69  255.255.255.255         On-link     10.238.122.69    266
   10.238.122.255  255.255.255.255         On-link     10.238.122.69    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     10.238.122.69    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     10.238.122.69    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6abd:2480:1fe5:f511:85ba/128
                                    On-link
 13    266 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::2480:1fe5:f511:85ba/128
                                    On-link
 13    266 fe80::dcc7:884e:4a42:4dcc/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

When I VPN connect my route print looks like this

C:\Users\Thomas>route print
===========================================================================
Interface List
 25...........................TGCSNET Meraki
 13...80 c1 6e df 35 1a ......Intel(R) 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.238.122.1    10.238.122.69     10
     10.238.122.0    255.255.255.0         On-link     10.238.122.69    266
    10.238.122.69  255.255.255.255         On-link     10.238.122.69    266
   10.238.122.255  255.255.255.255         On-link     10.238.122.69    266
      72.76.105.5  255.255.255.255     10.238.122.1    10.238.122.69     11
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.70.0    255.255.255.0     192.168.69.1   192.168.70.140     11
   192.168.70.140  255.255.255.255         On-link    192.168.70.140    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     10.238.122.69    266
        224.0.0.0        240.0.0.0         On-link    192.168.70.140    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     10.238.122.69    266
  255.255.255.255  255.255.255.255         On-link    192.168.70.140    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6abd:2480:1fe5:f511:85ba/128
                                    On-link
 13    266 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::2480:1fe5:f511:85ba/128
                                    On-link
 13    266 fe80::dcc7:884e:4a42:4dcc/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

I have contacted Cisco on this and they are trying to figure it out they are not windows 7 experts.

I have tried a few route add command but none seem to work.

ran this command
netsh interface ip delete destinationcache         to clear the route table

thoughts
0
Comment
Question by:Thomas Grassi
  • 3
  • 2
5 Comments
 
LVL 99

Accepted Solution

by:
John Hurst earned 1500 total points
ID: 40234147
You need to set up the office end to use a subnet and not a specific IP address so that the client coming in can use all the IP addresses, not just one. Your subnet mask is 255.255.255.255 which is for a specific IP address.

Try comparing this setup to the working devices.
0
 
LVL 23

Author Comment

by:Thomas Grassi
ID: 40234204
John thanks for responding

Any thoughts on what route add command would look like

I know I should not require one but this is a test for Cisco support
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 40234217
@trgrassijr55  - I am not a Cisco expert; rather, I use Juniper IPsec VPN. I set up Juniper using Subnet addressing at each end and a mask of 255.255.255.0 so that all addresses on each end can be used.

I have not ever had to add a route so I do not know how that would work.
0
 
LVL 23

Author Closing Comment

by:Thomas Grassi
ID: 40234300
John

Thanks for your help I figured it out.

Now off to Cisco to see what they can do

this was the route add I made

route add 192.0.0.0 mask 255.0.0.0 192.168.70.140

The gateway is the ip address of my vpn connection.

But that can change since it is dhcp  can not do route add every time

Thanks again
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 40234315
@trgrassijr55  - Thank you for the update. I hope Cisco can solve the problem and good to see the progress you have made so far.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question