Go Back   TechArena Community > Technology > Networking & Security
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Thread Tools Search this Thread
Old 25-11-2010
Join Date: Jul 2010
Posts: 37
VPN and routing tables

I have the following scenario:
Corporate LAN ( -




| ----- (

ISA Server 2006 std. Up and running as a Firewall to accept VPN connections

| ----- (201.xxx.xxx.35)
I want my VPN clients can make remote control of your PC in the corporate, at this point, I have no problem, but you also want to surf but with their DSL connection, not VPN tunnel, that I have been clearing the option to "Use default gateway on remote network" in TCP / IP VPN connection. Now my clients effectively connect to the VPN and its connection to DSL Internet surfing without problems, but to do this I need to add a route in the routing tables of windows so that once connected to the VPN, the traffic to my segment / 21 comes out of the virtual interface of the VPN, I do it with a profile created with CMAK connection, which does the following:
route add mask
The question is that whenever I connect to my VPN IP Address I assign a separate client, within my DHCP range / 24. Obviously when I disconnect from the VPN, if not the next connections 192.167.50 address assigned me, I have problems with the routing table that is added automatically, I get the following error message:
"Error in the addition of the route: The interface index is wrong or the gateway is not on the same network as the interface. Check the IP address table for the machine."
Because this is the error, obviously if the VPN connection I assigned the IP and the route add command tries to get the traffic to the IP give me the above error. Is there any way to load a path that does not necessarily have to pick up any IP Address? Also please provide some details about IPSec, since want some notes regarding it. Thanks in advance to all for taking the time at least read this.
Reply With Quote
Old 25-11-2010
Join Date: Apr 2009
Posts: 65
Re: VPN and routing tables

If you make a virtual private network (VPN) connection to certain non-Microsoft VPN servers, you may not be able to send data over the VPN connection. The problem also occurs if you are making a one-way dial-on-demand connection from a Windows 2000-based server that is running the Routing and Remote Access service to certain non-Microsoft VPN servers. You may be able to establish a VPN connection, but you do not have connectivity and the VPN connection is dropped after a time-out period. This problem only occurs when the VPN client is running one of the following programs:
  • Windows 2000 that is using Internet Connection Sharing.
  • Windows 2000 Professional that has the Incoming Connections functionality turned on.
  • Windows 2000 Server that has Routing and Remote Access installed.
Standard Windows 2000-based VPN clients that are not running the Routing and Remote Access service do not experience this problem.
Reply With Quote
Old 25-11-2010
Join Date: Aug 2008
Posts: 129
Re: VPN and routing tables

I would like to give some information about IPSec. IPSec is a protocol defined by IETF to secure the exchange at the network layer. It is actually a protocol to make improvements in security to IP to ensure the confidentiality, integrity and authentication of trade. Transport mode provides protection primarily higher level protocols:
  • IPSec retrieves data from the layer 4 (TCP / transportation), signs and encrypts and sends to the layer 3 (IP / network). This allows it to be transparent between the TCP layer and IP layer and the coup of being relatively easy to implement.
  • There are several drawbacks:
    • IP header is generated by the IP layer and thus IPSec can not control it in this case.
    • He can not hide the addresses to believe in a virtual LAN between two LANs connected
    • So this does not guarantee not to use options Ips unintended
Reply With Quote
Old 25-11-2010
Join Date: Dec 2008
Posts: 87
Re: VPN and routing tables

IP Authentication Header (AH) manages,
  • Integrity: ensures that the invariant fields during transmission, in the IP header preceding the AH header and data
  • authentication to ensure that the sender is who he claims to be
  • Protection against replay: a package intercepted by a hacker can not be returned
  • it does not support confidentiality: data is signed but not encrypted
Confidentiality: data is encrypted encapsulated IP datagram. Authentication: it ensures that packets are good host with which it communicates (to know the key associated with the ESP to authenticate communication). Security Association (SA) defines the exchange of keys and security settings. There is a SA sense of communication. The security parameters are:
  • AH protocol and / or ESP
  • tunnel mode or transport
  • the algorithm used to encrypt the security, integrity checking
  • the keys used
Reply With Quote
Old 25-11-2010
Join Date: Apr 2008
Posts: 264
Re: VPN and routing tables

The exchange of keys for data encryption in IPSec can be done in three ways:
  • hand: not very practical
  • IKE (Internet Key Exchange) is a protocol developed for IPSec. ISAKMP (Internet Security Association and Key Management Protocol) is the fundamental role is the enterprise (negotiation and implementation), amending and deleting SAs. It consists of two segments:
    • Initial you will have to generate a protected channel and authenticated through which we swap a secret key used to derive the phase 2.
    • the second allows to set up IPSec with its parameters and a SA in each direction of message. Data exchanged is secluded through the channel established in phase 1.
Reply With Quote

  TechArena Community > Technology > Networking & Security
Tags: , , , , , ,

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads for: "VPN and routing tables"
Thread Thread Starter Forum Replies Last Post
NS2 and TORA Routing Protocol NetWorm Networking & Security 21 03-03-2012 12:34 AM
Failover routing AJAMU Networking & Security 4 22-08-2010 01:56 AM
Need information about Gateways in IP Routing Sheravat Networking & Security 3 16-08-2010 05:57 PM
How to enable ip routing giorgos Networking & Security 3 13-07-2009 10:52 PM
IP Routing Snake08 Networking & Security 3 12-01-2009 06:32 PM

All times are GMT +5.5. The time now is 05:30 PM.