Re: Problem with route add and VPN

I am not quite clear on the last part of the solultuon.

here is what i am tying to access the destination network:

route add 192.168.0.0 mask 255.255.255.0 10.0.0.115 IF 0x1f0006

if i type that then it works, but as you know the connection IF changes
everytimne the
the vpn connection is disconnected and reconnected.

I am not sure what he means by local address ? Can you shed some light on it?

my network 192.168.0.0 the remote networks that i adding the route for
192.168.0.0 and 10.2.3.0

Thanks,

Robert


"armibewo" wrote:

Yes that works great! Thank you.

"Kurt" wrote:

armibewo wrote:
Thank you for your suggestions. Unfortunately this does not seem to work in
this case.

When I add the route it will only add sucessfully if I specify the
interface. If I do not specify the interface I get the following mesage:

"The route addition failed: Either the interface index is wrong or the
gateway does not lie on the same network as the interface. Check the IP
Address Table for the machine."

It will add without problems if I specify the interface. However each time I
make the VPN connection the interface ID is different so a batch file would
not work.

"Kurt" wrote:

I second Robert's suggestion, and might add that you can create a batch
file that will start the VPN and add the route (not persistent) so it
will be a one-step process instead of a 2-step. You can connect using
"rasdial", pause a few seconds for the connection to be established,
then add the route.

....kurt

Robert L [MVP - Networking] wrote:
I don't have solution, but what I might do is create batch to add route
whenever you establish the VPN. You may also want to use CMAK.This link
may help too,

How to vpn automatically
<http://www.howtonetworking.com/VPN/autorasdial1.htm>
Add pre-setup VPN auto-connection by *CMAK* to the Startup. 2. Create a
logon batch with rasdail command to start the VPN connection. *...*
http://www.howtonetworking.com/VPN/autorasdial1.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com

"armibewo" <armibewo@xxxxxxxxxxxxxxxxxxxxxxxxx
<mailto:armibewo@xxxxxxxxxxxxxxxxxxxxxxxxx>> wrote in message
news:B07B03BC-6B33-4223-BF54-7EA5A2732986@xxxxxxxxxxxxxxxx
I'm having a bit of trouble using 'route add' on Windows 2000 Server.

I have created a remote access VPN connection in Network and Dial Up
Connections and have cleared 'Use default gateway on remote network'
as I do
not want the VPN connection to alter the default gateway.

I connect to VPN and I'm given an IP address on the remote subnet. I
need to
access a server on a different subnet through the VPN so I create a
persitant
route using:

route -p add xxx.xxx.xxx.xxx mask 255.255.255.255 xxx.xxx.xxx.xxx
metric 1
if xxxxx

The route adds fine and I can ping the server I need. However after I
disconnect the VPN and then recconnect, the route no longer works.
After
reconnecting the persistant route is still there but is not being
followed.

I found the following on technet:

"With Windows NT 4.0 Service Pack 3 and later and with Windows 2000,
the
persistent routes are not actually added to the IP routing table
(and are not
visible with the route print command at the Windows 2000 command
prompt)
until the IP address of the gateway is reachable. The IP address of the
gateway becomes reachable when the VPN connection is made."

(http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/intwork/inbe_vpn_obwd.mspx?mfr=true)

From reading this it appears that the the route is not actually
re-added to
the routing table after the VPN connection is reastablished for some
reason.
I have tried pinging the gateway to show that it is available but
the routing
table does not update. Presumably something should be checking to
see if a
gateway is available but is not recognising that the VPN has come
back up.

Does anyone know how to bypass this checking and force persistant
routes to
be part of the routing table?

You can specify the connection name to "dial". This works (I do it
myself). I run it in a startup script so the VPN will start back up when
the computer is rebooted.

rasdial work name password

"work" is the name of my VPN connection to my office. I need it alive
24/7 and to come back up by itself if the computer at home is rebooted.

And you can set the other end up to allow your client to specify its own
IP address, then just use the known local address as the gateway, rather
than specifying a remote address and local interface. Seems strange, but
it works.

....kurt


.

Relevant Pages

  • Re: VPN and XP SP2 woes
    ... I connected VPN, default gateway box Checked, and got a route print. ... Nothing is going over my VPN connection. ... >>> traffic in to the corporate network. ...
    (microsoft.public.windowsxp.help_and_support)
  • OT: RRAS doesnt R
    ... A remote user now needs access to our network. ... She needs to connect via VPN ... Our office is only one subnet. ... Here's the routing table from a "route print" done on Dataman, ...
    (microsoft.public.cert.exam.mcse)
  • Re: Using a Linksys router, should I also use Zonealarm? Internet Acceptable Use Policy
    ... depending on your VPN client when you connect to VPN server client will ... As soon as you connect to VPN server that will be default route. ... other network address. ... I created new default route for my internet traffic that points to my ISP. ...
    (microsoft.public.security)
  • Re: SMB Shares Dangerous?
    ... Since a VPN connection effectively makes the machine that is ... on your network more tightly controlled than those allowed to ... point me to any articles that confirm or deny the risk ...
    (microsoft.public.win2000.security)
  • Re: OT: RRAS doesnt R
    ... using a VPN. ... A remote user now needs access to our network. ... Our office is only one subnet. ... Here's the routing table from a "route print" done on Dataman, ...
    (microsoft.public.cert.exam.mcse)
Loading