We have configured a IPSec-tunnel that has on one side the Cisco router 876 and on the other side the Cisco VPN Client. The tunnel is established without problems and the server on the Cisco router 876-side can be reached without problems, when Cisco VPN Client is used on a client with 32 bit.
But, if the Cisco VPN Client with 64 bit on a Windows 7 client is used, the server on the Cisco router 876-side cannot be reached although the tunnel is established correctly. The difference that I could notice is that with 32 bit the standard gateway of the client has the same IP-address as the client interface of the Windows (XP) 32 bit-system. With 64 bit (Windows 7) however the IP address is different than the IP of the client interface and usually does not exist. So we suspect that the server cannot be reached because a non-existent standard-gateway is configured.
Question now is with 64 bit how to define the correct standard-gateway on the client system.
The default GW behavior is specific to vista and on (if I properly understand what you're saying).
I'll quote an internal reference:
Due to changes in the way Vista behaves with routing, the default gateway method of the VPN Client routing needed to be changed.
Prior to 4.8.02.0010, the default gateway of a tunnel all connection pointed directly at the VPN assigned IP address.
Vista didn't like this so it was changed to point at a fake IP address on the VPN assigned subnet. This does not affect traffic to this address if it happens to overlap with an actual device on that subnet.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :