Windows Vista and Windows 7 routing problem after VPN established
Hi to everybody,
I need help with a problem that is driving me crazy; it's a routing problem that happens ONLY using Windows Vista or Windows 7; with Windows XP everything works perfectly.
SCENARIO: In the following 6 firewalls installed, I have: 1 ASA5505, 2xPIX506E, 3xPIX501; in the attached file you can find the related configuration.
PROBLEM: after the VPN tunnel is created, Windows XP ALWAYS automatically creates a dynamic route in order to allow traffic between the IP obtained (assigned by the firewall) and the LAN addresses; using Windows VISTA or Windows 7 this route is not created, but it happens ONLY for 3 of these 6 firewall configurations (in the folder OK, you can find the configuration of the "working" firewalls, in "NO OK" those where it doesn't work).
I don't catch the difference in the configurations.
I know: there are some rules (static, access-list, etc.) that are no longer used/needed (or also correct), but, at the moment, the target is to find (and to repair) the difference.
NOTES: in Windows 7, I have seen that if, in the VPN IP configuration got after VPN established, there isn't the default gateway set, it always works. One of the "working" configurations sets the DG on Client (192.168.202.x) but it works, the other 2 configurations don't set the DG (Why is it set or not? Where can I define that in configuration/access-list?).
Example: Let's assume that, after creating the VPN tunnel, the client obtains the IP 192.168.53.1 and I want to ping the device 192.168.100.1 on the LAN; while Windows XP is always able to ping the device, Windows 7 and Windows VISTA (but only for 3 of these 6 firewalls) are not; so, in order to make it work under Vista or 7, I have to open a COMMAND PROMPT with Administrative rights and add the command (in the example):