Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3369
Views
0
Helpful
3
Replies

"AddRoute failed to add a route" error when connected via VPN Client

JonCommins
Level 1
Level 1

‎01-10-2014 11:31 AM

I'm setup a VPN tunnel between a Cisco 1921 router and a computer running "Software VPN Client".

So far, I've managed to connect to the router via VPN Client:

http://puu.sh/6gemz.png

"ipconfig" shows that I've obtained the new IP 10.70.12.5:

http://puu.sh/6geTQ.png

Which I can ping fine:

http://puu.sh/6geZ6.png

And I can ping my regular local machine IP OK:

http://puu.sh/6gf7l.png

However, I can no longer ping my regular local gateway, and otherwise have no network connectivity.

And when I look in the VPN Client log window, I see:

http://puu.sh/6ge1v.png

The first error says: "AddRoute failed to add a route with metric of 0: code 160".

Someone in this thread suggested the issue is caused by:

1) Running a 32bit client on 64 bit system. (But I'm running 64bit on 64 bit.)

2) Incorrect installation. (But I've tried re-installing.)

3) Firewall issues on software installation. (But my Windows firewall is disabled.)

4) GPO issues on running/installing software. (But I have full administrative rights.)

What can I do to resolve this?

Labels:
0 Helpful
3 Replies 3

JonCommins
Level 1
Level 1

‎01-10-2014 12:09 PM

Update:

I've also tried the this solution, with no success.

0 Helpful

JonCommins
Level 1
Level 1
In response to JonCommins

‎01-10-2014 12:45 PM

Fixed!!

I had specified a certain ACL to be used:

crypto isakmp client configuration group VPNCLIENTGROUP

key VPNCLIENTSHAREDKEY

dns 8.8.8.8

pool VPN_POOL

acl VPN_ACL

However, it was rather undefined, like this:

ip access-list extended VPN_ACL

I fixed it with the following:

ip access-list extended VPN_ACL

remark ### SPLIT TUNNEL ACL ###

permit ip 10.70.0.0 0.0.255.255 any

10.70.0.0/16 is the inside network of the router I'm tunneling in to.

Working like a charm now.

0 Helpful

LuiguiGV
Level 1
Level 1
In response to JonCommins

‎09-16-2017 03:30 PM

Hi John C.

I have the same exact problem but with a Cisco 2900 series, I implement your advice but still not working, same error pops up on the log...

Could you share your settings (sh run...log) with me (remove\replace your system info)...I'm desperate...please....

 

Thanks...

Luigui GV

0 Helpful
Customers Also Viewed These Support Documents