[c-nsp] Cisco VPN Client Assigns Incorrect Default Gateway
Aaron Riemer
ariemer at wesenergy.com.au
Wed Mar 10 01:09:48 EST 2010
Hi Guys,
I am hoping someone may be able to help me out here. I am trying to
assign a block of IP Addresses to my VPN clients (specifically the
subnet 192.168.254.0/24) that is not on use on the internal network. For
some reason the clients are assigned a default gateway even though this
is not configured.
Is there a way to make sure the VPN client does not assign a default
gateway? I assumed if I was tunnelling all traffic then the default
gateway would not be required? The reason I ask this is because the VPN
client just seems to assign a random default gateway and as a result
routing does not work. See below for config.
username vpntest password encrypted
username vpntest attributes
vpn-group-policy vpntest
!
group-policy vpntest internal
group-policy vpntest attributes
banner value **** Welcome to Test *****
dns-server value x.x.x.x
vpn-idle-timeout none
vpn-session-timeout none
vpn-tunnel-protocol IPSec
default-domain value xxxxxxx
!
tunnel-group vpngroup type ipsec-ra
tunnel-group vpngroup general-attributes
address-pool new
default-group-policy vpntest
tunnel-group vpngroup ipsec-attributes
pre-shared-key *
!
ip local pool new 192.168.254.1-192.168.254.254 mask 255.255.255.0
!
Any thoughts?
Thanks,
Aaron.
LEGAL DISCLAIMER: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
More information about the cisco-nsp
mailing list