Avaya Support Forums

Avaya Support Forums (http://support.avaya.com/forums/index.php)
-   Avaya Networking Products (http://support.avaya.com/forums/forumdisplay.php?f=25)
-   -   Local network not accessible with vpn client (http://support.avaya.com/forums/showthread.php?t=3827)

travec 11-06-2013 08:35 AM

Local network not accessible with vpn client
 
Hello,

I cannot access my local network (network shares) when connected with the avaya vpn client.

here's my routing table before connecting with the vpn client:

Code:

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x100002 ...44 45 53 54 42 00 ...... Avaya IPSECSHM Adapter - Packet Scheduler M
iniport
0x100003 ...00 ff ea 55 53 e5 ...... Avaya VPN Adapter - Packet Scheduler Minipo
rt
0x110005 ...00 13 72 1a e8 6a ...... Broadcom NetXtreme 57xx Gigabit Controller
- Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0    192.168.7.133    192.168.7.54      20
        127.0.0.0        255.0.0.0        127.0.0.1      127.0.0.1      1
      192.168.7.0    255.255.255.0    192.168.7.54    192.168.7.54      20
    192.168.7.54  255.255.255.255        127.0.0.1      127.0.0.1      20
    192.168.7.255  255.255.255.255    192.168.7.54    192.168.7.54      20
        224.0.0.0        240.0.0.0    192.168.7.54    192.168.7.54      20
  255.255.255.255  255.255.255.255    192.168.7.54          100002      1
  255.255.255.255  255.255.255.255    192.168.7.54    192.168.7.54      1
  255.255.255.255  255.255.255.255    192.168.7.54          100003      1
Default Gateway:    192.168.7.133
===========================================================================


after:

Code:

===========================================================================
Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0    192.168.7.133    192.168.7.54      21
          0.0.0.0          0.0.0.0  192.168.106.115  192.168.106.115      1
        127.0.0.0        255.0.0.0        127.0.0.1      127.0.0.1      1
      192.168.7.0    255.255.255.0    192.168.7.54    192.168.7.54      20
      192.168.7.0    255.255.255.0  192.168.106.115  192.168.106.115      1
    192.168.7.54  255.255.255.255        127.0.0.1      127.0.0.1      20
    192.168.7.255  255.255.255.255    192.168.7.54    192.168.7.54      20
  192.168.106.115  255.255.255.255        127.0.0.1      127.0.0.1      30
  192.168.106.255  255.255.255.255  192.168.106.115  192.168.106.115      30
    208.67.168.5  255.255.255.255    192.168.7.133    192.168.7.54      1
        224.0.0.0        240.0.0.0    192.168.7.54    192.168.7.54      20
        224.0.0.0        240.0.0.0  192.168.106.115  192.168.106.115      1
  255.255.255.255  255.255.255.255    192.168.7.54    192.168.7.54      1
  255.255.255.255  255.255.255.255  192.168.106.115  192.168.106.115      1
  255.255.255.255  255.255.255.255  192.168.106.115          100003      1
Default Gateway:  192.168.106.115
===========================================================================

When I'm doing a tracert to a local address example : 192.168.7.20

It ends up somewhere on the internet going through the vpn, so I tried changing the routing table like that

route change 192.168.7.0 mask 255.255.255.0 192.168.106.115 METRIC 21 IF 0x100002
route change 0.0.0.0 mask 0.0.0.0 192.168.106.115 METRIC 21 IF 0x100002

After that I ran a tracert again and it does not go through the vpn this time but all the requests are timing out.

rameshng 11-06-2013 10:59 PM

1. What is your Destination of file shares? 192.168.7.0? In this case you have already a local route for this subnet even before connecting your vpn client. That may be creating a problem.
2. Show a normal working tracert after connecting vpn client, to some servers which are accessible over vpn. this is to cross check the gateway when u access the network resource after connecting the vpn.
3. there could be a route problem at the vpn concentrator or further connected device for your obtain ip subnet.

rshaynes 11-07-2013 08:59 AM

Access to your local network will be dependent on the VPN endpoint (VPN Router, VPN Gateway, Secure Router) and the split tunnel mode assigned to your profile. "Enable_Inverse_Local" would be necessary to maintain connectivity to your local network.

Based on the during connection table above I would assume your tunnel mode is "enabled" only and your VIP (endpoint) is 208.67.168.5.

Changing your route table, again depending on endpoint, should disconnect you -- as client-side route table manipulation is frowned upon. Even if you manage to modify the routes, by changing the default gateway above to the same metric 21 as your existing gateway creates a non-deterministic route. The OS (Windows XP in your case) will choose the first entry only.

Whomever manages your endpoint needs to select the appropriate split tunnel mode "enable_inverse_local" to allow you to access local subnets.


All times are GMT -7. The time now is 08:50 AM.