Routing Issue VPN 3000

- S
- steve
  
  Contact options for registered users
posted
17 years ago

Mon, Jun 5, 2006 9:41 PM

I have a VPN 3000. When I connect with the client all is good except for a route entry that appears after login. If I remove this route all is perfect. The route is to my DNS/DHCP server. the DNS/DHCP server IP is 10.10.50.10 and its gateway is 10.10.50.1. The route that appears has 10.10.50.10 going to 10.10.60.1. I have checked the static routes in the 3000 and the routes in my switch. The DHCP server is no serving this either.

Any ideas of what could be causing this? Thanks to anyone that replies!

- J
- J
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Tue, Jun 6, 2006 4:03 AM

To the best of my knowledge the VPN3000 line doesn't have a provision for setting the next hop for a route assigned to a client to be anything other than that client's assigned VPN IP. The VPN3000 only hands out the routes to clients that are defined in that profile's "network list". The network list consists of nothing more than the network and wildcard mask; ie no next hop. I would look again at the DHCP scopes as well as Windows login scripts. I don't believe this route is coming from the VPN3000 itself.

J

- A
- abletech4718
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Wed, Jun 7, 2006 3:42 PM

I ran into this a while back. According to Cisco TAC, its the local PC that adds the route to the server where it got its DHCP address from (I forget which component of the IP stack does it) and that there is no way to stop it. The work arounds that I can think of include removing that route every time you connect or by placing the DHCP service on a server that you don't otherwise need to connect to. Perhaps using static IP addresses for your NIC would also work but I didn't try that.

J wrote: