Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11311
Views
0
Helpful
7
Replies

SSL VPN - Unable to modify IP forwarding table

cdaero2
Level 1
Level 1

‎05-12-2005 10:32 AM - edited ‎02-21-2020 01:46 PM

Some of our clients cannot connect from home over SSL/VPN. The IPSec clients work for them but the SSL clients give the "cannot modify IP forwarding table error".

Other clients do not have this problem. We've noticed that Linksys and Netgear clients have some problems where as Apple Airport clients do not. I know there is an open caveat for Linksys but there is no explanation on Cisco's site for the real cause of this problem is.

Can anyone clarify?

2 people had this problem
Labels:
0 Helpful
7 Replies 7

umedryk
Level 5
Level 5

‎05-18-2005 10:25 AM

You need to check for the caveats of Linksys boxes...

0 Helpful

cdaero2
Level 1
Level 1
In response to umedryk

‎05-19-2005 08:01 AM

As I stated in the original post I know of the open caveat for Linksys. However more than just Linksys routers are giving this error and there is no explanation of the error just a "we've notified Linksys of the problem" message. Isn't there any more information on what is going on here?

0 Helpful

irafalovsky
Level 1
Level 1
In response to cdaero2

‎05-21-2005 11:34 PM

We have experienced the same problem, except it doesn't seem to be only related to an adapter type. Our office LAN is segmented from 10.0.0.0 space and for some users (IntelPRO wireless embedded adapter, for example), SSL VPN client would only work if the computer has 10.0.0.0 (regardless of subnetting). If their home LAN is, say a subnet of 192.168.0.0, the client will generate the same "cannot modify IP routing table" error.

CISCO folks, is there a fix for this, definitely seems like a software bug in SSL VPN client code...

0 Helpful

john.gudmann
Level 1
Level 1

‎05-22-2005 12:35 PM

I had the same problem :-)

After I remove the ip address range of my local lan.

eks 192.168.1.0 /24 from the network list. It work fine again. I'm using "spilt tunnel" and my concolusen is that the SSL client don't use the "use local lan" If you take at look of the status it's saying: loacl lan : Disabled But it work anyway

0 Helpful

irafalovsky
Level 1
Level 1
In response to john.gudmann

‎05-22-2005 03:10 PM

We have local LANs disabled in the CVPN and the only time this problem occurs is when the client's mashine's IP address is on the different IP address range from the office LAN and only for some clients. Still seems like a SSL VPN client bug to me, perhaps CISCO development folks can address this...

0 Helpful

cdaero2
Level 1
Level 1
In response to irafalovsky

‎05-26-2005 03:17 PM

its been a while and no input from Cisco directly...hello..is this microphone on? Need SSL VPN to work on 192.168 home networks!

0 Helpful

irafalovsky
Level 1
Level 1
In response to cdaero2

‎05-27-2005 06:18 AM

Could someone please open a TAC ticket for this issue? I just switched jobs and in the process of signing a support contract, so can't do it myself...

0 Helpful
Customers Also Viewed These Support Documents