Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
663
Views
0
Helpful
1
Replies

Routing errors in a VPN 3000 Concentrator

gudmo
Level 1
Level 1

‎12-23-2004 05:43 AM - edited ‎02-20-2020 11:49 PM

We're experiencing strange routing problems with our VPN Concentrator. Currently we are running software version 4.1.7.B.

The error is as follows.

We have a 10.0.0.0/8 static route in the box, however for most networks on the inside that any VPN client needs to talk to on this 10. private network we usually have to add a 24 bit static route for that specific network. We don't use the "Default gateway for Tunnels" address as we route everything static. Before we upgraded to the current software we had problems on our private networks only, ie sometimes a net that worked fine yesterday using the 8 bit route for the 10. network stopped working and was only fixed by adding a 24 bit static route.

Now however after the software upgrade we're getting the same error on our public interface, just yesterday a large part of an ISP customer base got suddenly disconnected from the VPN and couldn't connect again until a B class route was added into the VPN box. We do have a default route on the box that points to a gateway on our public network.

Has anyone experienced this kind of behaviour or heard of this elsewhere? Any solutions out there? We would love to hear about them.

0 Helpful
1 Reply 1

umedryk
Level 5
Level 5

‎12-29-2004 01:19 PM

Actually, if any of the routers inside are running, you need to enable the command 'ip classless' on them. Otherwise, the default route may not work for the subnets under the specific networks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card