Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

how to troubleshoot the VPN client on Win platform

Hi, I encountered a strange problem with VPN client. The VPN client can connect to the peer and successfully got the ip address, but can not access the peer security subnet. I checked the Win system routing table, it seems ok. I checked the statistics of the VPN client, found there is no figure in encrypted and decrypted. It seems my data packets all bypass the VPN client. I also tried to add a host route in system, but failed. At this moment, would you provide any suggestions for me to go further investigation about this issue ?

Thx a lot !

2 REPLIES
New Member

Re: how to troubleshoot the VPN client on Win platform

What device is the VPN client connected to? A VPN Concentrator?

Could you provide the output of your routing table on the Windows system while the VPN is connected?

Do you have split-tunneling enabled?

New Member

Re: how to troubleshoot the VPN client on Win platform

Hi Msrohman,

Thanks for your reply.

Actually I don't know what the peer equipment is. We are using the VPN client 4.0 and some doc said 4.x version will not open the split-tunneling but I don't know how to confirm that.

Another hand, I had done some testing. I used my account in the issued PC and it works fine. The problem seems not relate to the user account.

Here is the routing table:

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.16.1 192.168.16.146 20

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

172.16.0.0 255.255.0.0 172.16.1.21 172.16.1.21 10

172.16.1.21 255.255.255.255 127.0.0.1 127.0.0.1 10

172.16.255.255 255.255.255.255 172.16.1.21 172.16.1.21 10

192.168.4.0 255.255.255.0 172.16.1.21 172.16.1.21 1

192.168.16.0 255.255.255.0 192.168.16.146 192.168.16.146 20

192.168.16.87 255.255.255.255 192.168.16.146 192.168.16.146 1

192.168.16.146 255.255.255.255 127.0.0.1 127.0.0.1 20

192.168.16.255 255.255.255.255 192.168.16.146 192.168.16.146 20

192.168.100.189 255.255.255.255 192.168.16.6 192.168.16.146 1

218.249.XXX.XXX 255.255.255.255 192.168.16.1 192.168.16.146 1

224.0.0.0 240.0.0.0 172.16.1.21 172.16.1.21 10

224.0.0.0 240.0.0.0 192.168.16.146 192.168.16.146 20

255.255.255.255 255.255.255.255 172.16.1.21 172.16.1.21 1

255.255.255.255 255.255.255.255 192.168.16.146 192.168.16.146 1

Default Gateway: 192.168.16.1

===========================================================================

Note that the 172.16.1.21 is assigned by peer. And the target subnet is 192.168.4.0/24. The peer is 218.249.XXX.XXX.

Thanks a lot!!

120
Views
0
Helpful
2
Replies