KMcDermott
IS-IT--Management
Hi all...
having trouble resolving Microsoft (XP & 2000 clients) routing problems on Cisco VPN (3000 Concentrator) clients. I've found the following article ( that describes my problem perfectly, but only offers a resolution to older (9x/NT 3.x/4) clients:
"...Microsoft routing problems can occur when a Cisco VPN Client (VPN 3000 Client, Cisco Secure VPN Client, or VPN 5000 Client) gets an IP address from the device terminating the tunnel (Cisco VPN 3000 Concentrator, router, PIX Firewall, or VPN 5000 Concentrator) that is on the same network as the local Network Interface Card (NIC). This can occur if a user has a laptop on the corporate network with a Dynamic Host Configuration Protocol (DHCP) or static IP address (10.50.1.x), brings the laptop home, dials into an Internet Service Provider (ISP) and connects using the VPN Client. If the terminating device sends the VPN Client an IP address that is on the same network (10.50.1.x), the user cannot send any data over the client connection. The packets are sent to the NIC, instead of over the VPN connection, because the traffic is still routed out of the NIC. This problem occurs on Microsoft Windows 95, Windows 98, and Windows NT 4.0.
Symptoms of this problem are that the VPN tunnel comes up, but the PC cannot pass traffic. A route print command still shows the DHCP or static address, or both. If the IP address was received through DHCP, the DHCP lease can be manually released."
Wondering if someone can point me in the right direction for XP/2000 clients, or another resolution altogether.
Thanks in Advance!
Kevin
having trouble resolving Microsoft (XP & 2000 clients) routing problems on Cisco VPN (3000 Concentrator) clients. I've found the following article ( that describes my problem perfectly, but only offers a resolution to older (9x/NT 3.x/4) clients:
"...Microsoft routing problems can occur when a Cisco VPN Client (VPN 3000 Client, Cisco Secure VPN Client, or VPN 5000 Client) gets an IP address from the device terminating the tunnel (Cisco VPN 3000 Concentrator, router, PIX Firewall, or VPN 5000 Concentrator) that is on the same network as the local Network Interface Card (NIC). This can occur if a user has a laptop on the corporate network with a Dynamic Host Configuration Protocol (DHCP) or static IP address (10.50.1.x), brings the laptop home, dials into an Internet Service Provider (ISP) and connects using the VPN Client. If the terminating device sends the VPN Client an IP address that is on the same network (10.50.1.x), the user cannot send any data over the client connection. The packets are sent to the NIC, instead of over the VPN connection, because the traffic is still routed out of the NIC. This problem occurs on Microsoft Windows 95, Windows 98, and Windows NT 4.0.
Symptoms of this problem are that the VPN tunnel comes up, but the PC cannot pass traffic. A route print command still shows the DHCP or static address, or both. If the IP address was received through DHCP, the DHCP lease can be manually released."
Wondering if someone can point me in the right direction for XP/2000 clients, or another resolution altogether.
Thanks in Advance!
Kevin
