VPN client can’t access to a computer without gateway or route return

Clearapps network inventory
software.

VPN client can’t access to a computer without gateway or route return

Situation: a multihomed computer is setup one NIC connecting to a DMZ (IP 172.254.2.0/16) with default gateway and another other network NIC connecting the LAN (IP 10.0.0.0/16) without gateway. The user can establish the VPN using IP 192.169.198.0/24 to access the LAN but not this multihomed computer because LAN NIC doesn’t have gateway or route return. The below are the results of ipconfig and routing table.

ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 10.0.0.106

Subnet Mask . . . . . . . . . . . : 255.255.0.0

Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 172.254.2.66

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 172.254.2.251

route print

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 04 76 35 e1 18 ...... 3Com 3CSOHO Fast Ethernet Adapter - Packet Sched

uler Miniport

0x3 ...00 17 a4 40 73 11 ...... Broadcom NetXtreme Gigabit Ethernet - Packet Sch

eduler Miniport

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 172.254.2.251 172.254.2.66 20

10.0.0.0 255.255.0.0 10.0.0.106 10.0.0.106 20

10.0.0.106 255.255.255.255 127.0.0.1 127.0.0.1 20

10.255.255.255 255.255.255.255 10.0.0.106 10.0.0.106 20

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

172.254.2.0 255.255.255.0 172.254.2.66 172.254.2.66 20

172.254.2.66 255.255.255.255 127.0.0.1 127.0.0.1 20

172.254.255.255 255.255.255.255 172.254.2.66 172.254.2.66 20

224.0.0.0 240.0.0.0 10.0.0.106 10.0.0.106 20

224.0.0.0 240.0.0.0 172.254.2.66 172.254.2.66 20

255.255.255.255 255.255.255.255 10.0.0.106 10.0.0.106 1

255.255.255.255 255.255.255.255 172.254.2.66 172.254.2.66 1

Default Gateway: 172.254.2.251

===========================================================================

Persistent Routes:

None

Solution: modify the routing table on the multihomed computer so that the computer has route return to the VPN. In our case, do this command “route add 192.168.198.0 mask 255.255.255.0 10.0.0.2”. The below is the modified routing table.

route print

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 04 76 35 e1 18 ...... 3Com 3CSOHO Fast Ethernet Adapter - Packet Sched

uler Miniport

0x3 ...00 17 a4 40 73 11 ...... Broadcom NetXtreme Gigabit Ethernet - Packet Sch

eduler Miniport

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 172.254.2.251 172.254.2.66 20

10.0.0.0 255.255.0.0 10.0.0.106 10.0.0.106 20

10.0.0.106 255.255.255.255 127.0.0.1 127.0.0.1 20

10.255.255.255 255.255.255.255 10.0.0.106 10.0.0.106 20

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

172.254.2.0 255.255.255.0 172.254.2.66 172.254.2.66 20

172.254.2.66 255.255.255.255 127.0.0.1 127.0.0.1 20

172.254.255.255 255.255.255.255 172.254.2.66 172.254.2.66 20

192.168.198.0 255.255.255.0 10.0.0.2 10.0.0.106 1

224.0.0.0 240.0.0.0 10.0.0.106 10.0.0.106 20

224.0.0.0 240.0.0.0 172.254.2.66 172.254.2.66 20

255.255.255.255 255.255.255.255 10.0.0.106 10.0.0.106 1

255.255.255.255 255.255.255.255 172.254.2.66 172.254.2.66 1

Default Gateway: 172.254.2.251

===========================================================================

Persistent Routes:

None

Post your questions, comments, feedbacks and suggestions

Contact a consultant