Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Routing Issue VPN 3000

Reply
Thread Tools

Routing Issue VPN 3000

 
 
steve
Guest
Posts: n/a
 
      06-05-2006
I have a VPN 3000. When I connect with the client all is good except
for a route entry that appears after login. If I remove this route all
is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP
is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears
has 10.10.50.10 going to 10.10.60.1. I have checked the static routes
in the 3000 and the routes in my switch. The DHCP server is no serving
this either.

Any ideas of what could be causing this? Thanks to anyone that replies!

 
Reply With Quote
 
 
 
 
J
Guest
Posts: n/a
 
      06-06-2006
steve wrote:
> I have a VPN 3000. When I connect with the client all is good except
> for a route entry that appears after login. If I remove this route all
> is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP
> is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears
> has 10.10.50.10 going to 10.10.60.1. I have checked the static routes
> in the 3000 and the routes in my switch. The DHCP server is no serving
> this either.
>
> Any ideas of what could be causing this? Thanks to anyone that replies!


To the best of my knowledge the VPN3000 line doesn't have a provision
for setting the next hop for a route assigned to a client to be
anything other than that client's assigned VPN IP. The VPN3000 only
hands out the routes to clients that are defined in that profile's
"network list". The network list consists of nothing more than the
network and wildcard mask; ie no next hop. I would look again at the
DHCP scopes as well as Windows login scripts. I don't believe this
route is coming from the VPN3000 itself.

J

 
Reply With Quote
 
 
 
 
abletech4718@gmail.com
Guest
Posts: n/a
 
      06-07-2006
I ran into this a while back. According to Cisco TAC, its the local PC
that adds the route to the server where it got its DHCP address from (I
forget which component of the IP stack does it) and that there is no
way to stop it. The work arounds that I can think of include removing
that route every time you connect or by placing the DHCP service on a
server that you don't otherwise need to connect to. Perhaps using
static IP addresses for your NIC would also work but I didn't try that.


J wrote:
> steve wrote:
> > I have a VPN 3000. When I connect with the client all is good except
> > for a route entry that appears after login. If I remove this route all
> > is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP
> > is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears
> > has 10.10.50.10 going to 10.10.60.1. I have checked the static routes
> > in the 3000 and the routes in my switch. The DHCP server is no serving
> > this either.
> >
> > Any ideas of what could be causing this? Thanks to anyone that replies!

>
> To the best of my knowledge the VPN3000 line doesn't have a provision
> for setting the next hop for a route assigned to a client to be
> anything other than that client's assigned VPN IP. The VPN3000 only
> hands out the routes to clients that are defined in that profile's
> "network list". The network list consists of nothing more than the
> network and wildcard mask; ie no next hop. I would look again at the
> DHCP scopes as well as Windows login scripts. I don't believe this
> route is coming from the VPN3000 itself.
>
> J


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN 3000 Concentrator and Microsoft VPN Client Eitan Cisco 0 03-05-2006 09:30 AM
Why would Webrick use 0.0.0.0:3000 instead of 127.0.0.1:3000 ? Curt Hibbs Ruby 1 12-18-2005 12:58 PM
Why would Webrick use 0.0.0.0:3000 instead of 127.0.0.1:3000 ? Curt Hibbs Ruby 2 12-18-2005 06:04 AM
ACS / C1220 APs / VPN 3000 Conc: IP addr allocation for VPN but notfor 802.1X possible? Walter Steiner Cisco 0 07-19-2005 02:09 PM
VPN router-cisco vpn client routing issue OZ Cisco 3 01-14-2005 09:22 PM



Advertisments