L2TP/IPSEC VPN is configured and works perfectly well with local address pool.
Clients use Windows L2TP client generated using CMAK.
Due to our expanded LAN infrastrcture and variety of local IP addressing I need to inject Classless Static Routes into client machines, whilst their default route remains unchanged (effectively a split tunneling).
I considered using DHCP Options 121/249, which seemed quite an easy task. Unfortuantely, it appeared not that easy at all, I am troubled to make it work, please help!
I use Windows Server 2008 R2 as DHCP server. with options 121 and 249 configured.
When I establish L2TP VPN Connection, Cisco PIX does not include 121/249 options in 'Parameter Request List' in it's DHCP Discover packet. Server in turn does not send these options in DHCP Offer packet because they were not requested. How do I make PIX/ASA request these options?
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...