Routing Issue VPN 3000

Discussion in 'Cisco' started by steve, Jun 5, 2006.

  1. steve

    steve Guest

    I have a VPN 3000. When I connect with the client all is good except
    for a route entry that appears after login. If I remove this route all
    is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP
    is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears
    has 10.10.50.10 going to 10.10.60.1. I have checked the static routes
    in the 3000 and the routes in my switch. The DHCP server is no serving
    this either.

    Any ideas of what could be causing this? Thanks to anyone that replies!
     
    steve, Jun 5, 2006
    #1
    1. Advertising

  2. steve

    J Guest

    steve wrote:
    > I have a VPN 3000. When I connect with the client all is good except
    > for a route entry that appears after login. If I remove this route all
    > is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP
    > is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears
    > has 10.10.50.10 going to 10.10.60.1. I have checked the static routes
    > in the 3000 and the routes in my switch. The DHCP server is no serving
    > this either.
    >
    > Any ideas of what could be causing this? Thanks to anyone that replies!


    To the best of my knowledge the VPN3000 line doesn't have a provision
    for setting the next hop for a route assigned to a client to be
    anything other than that client's assigned VPN IP. The VPN3000 only
    hands out the routes to clients that are defined in that profile's
    "network list". The network list consists of nothing more than the
    network and wildcard mask; ie no next hop. I would look again at the
    DHCP scopes as well as Windows login scripts. I don't believe this
    route is coming from the VPN3000 itself.

    J
     
    J, Jun 6, 2006
    #2
    1. Advertising

  3. steve

    Guest

    I ran into this a while back. According to Cisco TAC, its the local PC
    that adds the route to the server where it got its DHCP address from (I
    forget which component of the IP stack does it) and that there is no
    way to stop it. The work arounds that I can think of include removing
    that route every time you connect or by placing the DHCP service on a
    server that you don't otherwise need to connect to. Perhaps using
    static IP addresses for your NIC would also work but I didn't try that.


    J wrote:
    > steve wrote:
    > > I have a VPN 3000. When I connect with the client all is good except
    > > for a route entry that appears after login. If I remove this route all
    > > is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP
    > > is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears
    > > has 10.10.50.10 going to 10.10.60.1. I have checked the static routes
    > > in the 3000 and the routes in my switch. The DHCP server is no serving
    > > this either.
    > >
    > > Any ideas of what could be causing this? Thanks to anyone that replies!

    >
    > To the best of my knowledge the VPN3000 line doesn't have a provision
    > for setting the next hop for a route assigned to a client to be
    > anything other than that client's assigned VPN IP. The VPN3000 only
    > hands out the routes to clients that are defined in that profile's
    > "network list". The network list consists of nothing more than the
    > network and wildcard mask; ie no next hop. I would look again at the
    > DHCP scopes as well as Windows login scripts. I don't believe this
    > route is coming from the VPN3000 itself.
    >
    > J
     
    , Jun 7, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. OZ
    Replies:
    3
    Views:
    11,190
  2. Walter Steiner
    Replies:
    0
    Views:
    764
    Walter Steiner
    Jul 19, 2005
  3. Eitan
    Replies:
    0
    Views:
    533
    Eitan
    Mar 5, 2006
  4. Guyster
    Replies:
    6
    Views:
    1,125
    Guyster
    Oct 22, 2007
  5. ivrc
    Replies:
    0
    Views:
    407
Loading...

Share This Page