1. Home
  2. Cisco Systems
  3. wrong path if connection is from pptp

wrong path if connection is from pptp

My router terminates for both IPSec and PPTP. When I use IpSec to connect to the router, then I can ping any hosts on internal network 192.168.247.0/24. When I use PPTP to connect to the router, then I cannot.

I turned on the debug and it shows that for PPTP, the packets are forwarded to the interface 0/0 that connects to the Internet, therefore it never gets to the internal network which is on interface Vlan2. For Ipsec, the packets are forwarded correctly.

Both Ipsec and PPTP ip pool are from the same network 192.168.235.0/24.

Below are two debug output for PPTP and IPSEC

** PPTP ** 007209: *Jul 18 21:45:21.551: IP: tableid=0, s=192.168.235.1 (Virtual-Access3), d=192.168.247.2 (FastEthernet0/0), routed via RIB 007210: *Jul 18 21:45:21.551: IP: s=192.168.235.1 (Virtual-Access3), d=192.168.247.2, len 60, rcvd 4 007211: *Jul 18 21:45:27.055: IP: tableid=0, s=192.168.235.1 (Virtual-Access3), d=192.168.247.2 (FastEthernet0/0), routed via RIB

** IPSEC ***

007263: *Jul 18 21:51:33.051: IP: tableid=0, s=192.168.235.105 (FastEthernet0/0), d=192.168.247.2 (Vlan2), routed via RIB 007264: *Jul 18 21:51:33.055: IP: s=192.168.235.105 (FastEthernet0/0), d=192.168.247.2 (Vlan2), g=192.168.247.2, len 60, forward 007265: *Jul 18 21:51:33.055: IP: tableid=0, s=192.168.247.2 (FastEthernet0/1), d=192.168.235.105 (FastEthernet0/0), routed via RIB

Why does that path decision change with PPTP ? I must have some wrong settins but I have no clue.

Thanks for your advice,

DT

Reply to
dt1649651
Loading thread data ...

send in the comfig amd show route. just by this debug nobody can tell you anything

Reply to
rave

Hi Rave,

As you can see, network 192.168.253.0/24 is directly connected to VLAN3, but the packets pinged from 192.168.235.1 to 192.168.253.24 are forwarded to FastEthernet 0/0, which connects to the Internet.

Gateway of last resort is xxx.xxx.xxx.xxx to network 0.0.0.0

C 192.168.247.0/24 is directly connected, Vlan2 xxx.0.0.0/27 is subnetted, 1 subnets C xxx.xxx.xxx.xxx is directly connected, FastEthernet0/0 S 192.168.234.0/24 [1/0] via 192.168.247.5 192.168.235.0/32 is subnetted, 1 subnets C 192.168.235.1 is directly connected, Virtual-Access3 C 192.168.249.0/24 is directly connected, FastEthernet0/1 S 192.1.1.0/24 [1/0] via 192.168.247.1 S 192.168.220.0/24 [1/0] via 192.168.247.5 C 192.168.253.0/24 is directly connected, Vlan3 S* 0.0.0.0/0 [1/0] via xxx.xxx.xxx.xxx #

000084: *Jul 24 02:22:23.511: %SEC-6-IPACCESSLOGDP: list 115 permitted icmp 192.168.235.1 -> 192.168.253.24 (0/0), 15 packets # 000085: *Jul 24 02:23:34.319: IP: tableid=0, s=192.168.235.1 (Virtual-Access3), d=192.168.253.24 (FastEthernet0/0), routed via RIB 000086: *Jul 24 02:23:34.319: IP: s=192.168.235.1 (Virtual-Access3), d=192.168.253.24, len 60, rcvd 4 000087: *Jul 24 02:23:39.839: IP: tableid=0, s=192.168.235.1 (Virtual-Access3), d=192.168.253.24 (FastEthernet0/0), routed via RIB 000088: *Jul 24 02:23:39.839: IP: s=192.168.235.1 (Virtual-Access3), d=192.168.253.24, len 60, rcvd 4 000089: *Jul 24 02:23:44.867: IP: tableid=0, s=192.168.235.1 (Virtual-Access3), d=192.168.253.24 (FastEthernet0/0), routed via RIB 000090: *Jul 24 02:23:44.867: IP: s=192.168.235.1 (Virtual-Access3), d=192.168.253.24, len 60, rcvd 4 000091: *Jul 24 02:23:49.899: IP: tableid=0, s=192.168.235.1 (Virtual-Access3), d=192.168.253.24 (FastEthernet0/0), routed via RIB 000092: *Jul 24 02:23:49.899: IP: s=192.168.235.1 (Virtual-Access3), d=192.168.253.24, len 60, rcvd 4

DT

Reply to
dt1649651

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.