[Users] FW: Roadwarrior strange route issue <- resolved

From: Alistair Nelson (alistair.nelson_at_eb2b.com.au)
Date: Mon Oct 07 2002 - 05:44:59 CEST


Hi,

The issue has been resolved. I resolved the issue at the Win2000 Server
end. I updated the box to service pack 3, and changed the routing
protocol from IGMP to RIP. One, the other, or both of these changes seem
to have fixed my problem. The unwanted routes are no longer being added
to the Windows box for VPN connections.

Cheers

Al.

-----Original Message-----
From: Alistair Nelson [mailto:alistair.nelson_at_eb2b.com.au]
Sent: Thursday, 3 October 2002 11:52 AM
To: 'Users_at_lists.freeswan.org'
Subject: Roadwarrior strange route issue (update)

Hi,

Just to recap.

1) A road warrior begins communicating with a private file server
   (Windows 2000 Server).

2) The Windows 2000 Server unfortunately adds a dynamic route to the
   road warrior using the firewall as the route gateway, instead of the
   VPN gateway. It must get this from the Freeswan gateway as the
   Freeswan gateway's default gateway is also the firewall.

3) The road warrior can't communicate with the file server until the
   dynamic route is manually deleted. Or, Windows 2000 automatically
   deletes the route after 10 minutes due to a bug (which is actually
   working in my favour right now), which I think is:
   http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q244539&

Surely others must have a very similar scenario? How do you either stop
the dynamic routes being added to the Win server or configure things so
that the added route has the correct gateway???

Really appreciate any help!

Thanks,

Alistair.

-----Original Message-----
From: Alistair Nelson [mailto:alistair.nelson_at_eb2b.com.au]
Sent: Wednesday, 2 October 2002 2:59 PM
To: 'Users_at_lists.freeswan.org'
Subject: Roadwarrior strange route issue

Hi,

I have a Win2K road warrior -> Freeswan GW configured as per Nate
Carlson's doc.

RoadWarrior <> Internet <> Firewall <> Freeswan GW <> Win2000Server

* The Freeswan GW has a public and an internal IP address.
* The F/S GW has a default route pointing to the firewall
* The Win2000Server has a default route pointing to the F/S GW

This problem does not ALWAYS happen... unfortunately I haven't been able
to work out exactly what causes it. But often when a road warrior
communicates with the Win2000Server, the Win2000Server adds a route in
its route tables for the road warrior. Only it gives the route a default
gateway pointing to the firewall instead of the F/S gw. I guess it must
be getting this default gateway from the F/S GW. Once I manually delete
this route on the Win2000Server, the VPN tunnel works fine... until a
future connection adds the route again!?

Anyone had this happen??

Thanks in advance for any help,

Alistair Nelson

This archive was generated by hypermail 2.1.5 : Tue Oct 08 2002 - 05:20:20 CEST