login | register
Wed 22 of May, 2019 (10:19 UTC)

ICANA - Groups

Instituto Cultural Argentino Norteamericano

Cisco vpn not routing traffic

by alexbotovanka
Thursday 20 of December, 2018
Try to enable the log of the Cisco VPN Client.On the screeshot about the config of your client i see that the network has got the gateway But in the screenshot about your ipconfig i see that IP of network card VPN Client is but the Default gateway is missing. Why ?
Have a Cisco 3005 Concentrator and some users are not able to route traffic due to the gateway not being the same as the VPN interface. The issue occurred after one of the groups was deleted from the 3005 device. Users are able to connect but cannot reach the remote network. When looking at "route print" the gateway shows a different IP address other than the Interface IP of the VPN virtual device. Is there a way to force a change or clear out routes? Example; 100
http://bobtv.biz/cisco-vpn-not-routing-traffic.html">Cisco vpn not routing traffic</b>

Like many companies, Cisco uses cookies and other technologies, some of which are essential to make our website work. Others help us improve services and the user experience or to advertise. In using our site, you consent to the use of these cookies and other technologies.
I'm running Windows 8, it always worked and there was no changes on the firewall configuration, I removed all the Firewalls and Antivirus.I tryed with another PC, in the same network. I configured the same setting on Cisco VPN Client. Here I attach the two files of route, ipconfig and ping related to te BAD pc and to the GOOD pc.
It may be with the change to the default group that the address pool for the VPN client has changed. Please verify that routing to the remote client's network is available within your central site.
Split tunneling is enabled and yes the users were in the group that was deleted. The profile on the client side has been routing does not work. I've tried deleting routes and re-adding with no luck.

I look your route and i can see that for the network the gateway is I think that for the gateway is Can you show me the config of your asa about the VPN Remote Access ?
There are some group settings for NAT-T, so it makes sense that some clients had the problem but others didn't. Good to know that another cause of a VPN client routing problem could be related to the absence of NAT-T. I rated your answer.
Are you able to verify the remote clients' address pools? If the deleted group was assigned its own address pool then these clients will get new addresses. If they overlap with the concentrator's address it could cause some access problems.HTH

Do not think it is a Split Tunnel issue as the majority of the users have no issues. At this time 3 users have a routing issue that I am aware of, two of which were connected when the group was deleted and one was not connected when the group was deleted. Have re-installed the Cisco client on two of the three users and the routing issue still appears.
The concentrator will save a backup configuration file every time you save the configuration. Do you possibly have the backup file that could be used to determine the settings for the deleted group?My other question is, I haven't worked with Vista before, but does the output of the route print indicate that this PC has dual NICs?
I'm currently using Cisco System VPN Client Version on Windows 8 x64.


  • Version: 2.7.0

Powered by

  • Bitweaver
  • Smarty
  • Adodb
  • MySQL