does the VPN/firewall device have routes in it to the other subnets. (route
print under NT, or show ip route under IOS)

under 2000 there's a check box under tcpip properties->advanced->networking

that says "use default gateway on remote network" or somesuch. is that
checked?

-----Original Message-----
From: Jason Gauthier [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 10:09 AM
To: NT System Admin Issues
Subject: VPN routing



  This is a somewhat involved problem, so I'll try to give as much detail as
possible to help paint a picture.
  
We've got several internal subnets. (i.e., 192.168.1.x, 192.168.2.x,
192.168.3.x and so forth)
We have a firewall device terminating the VPN connections.  The pool of IP
addresses assigned for this are      in our primary subnet. (192.168.1.x).
By default, the W2k PPTP client adds a route to the network your VPN device
is assigned.  So, now all traffic destined for 192.168.1.x via the VPN
connection works great.

However, any communications to the other subnets will try and find their way
using my default route. My ISP.. and they won't get anywhere.

I can remedy this problem manually pretty easily:

ipconfig /all
get IP address of VPN interface
route add 192.168.0.0 MASK 255.255.0.0 [ip address of VPN interface]

However, This is not a sufficient task to ask my remote end users.
I'm looking for a way to automatically execute this command after the VPN
connection is established.
Even a batch file they can run manually would be acceptable. 
The problem I've run into, is that Windows does not have very advanced text
handling routines as commands. So stripping the IP address from ipconfig to
save into a variable is nearly impossible.

Thoughts, ideas, suggestions?

Jason





Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mod
e=0&lang=english
This e-mail may be privileged and/or confidential, and the sender does not
waive any related rights and obligations. Any distribution, use or copying
of this e-mail or the information it contains by other than an intended
recipient is unauthorized. If you received this e-mail in error, please
advise me (by return e-mail or otherwise) immediately. 

Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin&text_mode=0&lang=english

Reply via email to