[c-nsp] Cisco VPN Client Assigns Incorrect Default Gateway

Aaron Riemer ariemer at wesenergy.com.au
Wed Mar 10 01:09:48 EST 2010


Hi Guys,

 

I am hoping someone may be able to help me out here. I am trying to
assign a block of IP Addresses to my VPN clients (specifically the
subnet 192.168.254.0/24) that is not on use on the internal network. For
some reason the clients are assigned a default gateway even though this
is not configured.

 

Is there a way to make sure the VPN client does not assign a default
gateway? I assumed if I was tunnelling all traffic then the default
gateway would not be required? The reason I ask this is because the VPN
client just seems to assign a random default gateway and as a result
routing does not work. See below for config.

 

username vpntest password encrypted

username vpntest attributes

 vpn-group-policy vpntest

!

group-policy vpntest internal

group-policy vpntest attributes

 banner value **** Welcome to Test *****

 dns-server value x.x.x.x

 vpn-idle-timeout none

 vpn-session-timeout none

 vpn-tunnel-protocol IPSec 

 default-domain value xxxxxxx

!

tunnel-group vpngroup type ipsec-ra

tunnel-group vpngroup general-attributes

 address-pool new

 default-group-policy vpntest

tunnel-group vpngroup ipsec-attributes

 pre-shared-key *

!

ip local pool new 192.168.254.1-192.168.254.254 mask 255.255.255.0

!

 

Any thoughts?

 

Thanks,

 

Aaron.

 


LEGAL DISCLAIMER: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.


More information about the cisco-nsp mailing list