Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Win2K3: VPN client doesn't add a route
  •  
Eatmeat

Messages: 4
Karma: 0
Send a private message to this user
After establishing a VPN connection a route to a remote network is not added to the table. Sometimes (like after reinstalling the client or rebooting the system) it's added successfully and everything works ok, but subsequent attempts always fail.

OS: Windows Server 2003 SP2 R2
VPN client: 7.1.2 build 2333

Log:
[21/Jun/2011 11:45:47] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:47] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} Connect(User: branch1, Server 217.217.217.217:4090, persistent, id[0008]).
[21/Jun/2011 11:45:48] {engine} VpnFSM: Connect().
[21/Jun/2011 11:45:48] {vpnClient} VPNClient[0008] - connecting to 217.217.217.217:4090, username branch1
[21/Jun/2011 11:45:48] {vpnClient} VPNClient[0008] - server name resolved - 217.217.217.217
[21/Jun/2011 11:45:48] {engine} WorkerThread signaled.
[21/Jun/2011 11:45:48] {engine} WorkerThread - sending status.
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {vpnClient} VPNClient[0008] - unable to add route to server - unable to add route, error 99
[21/Jun/2011 11:45:48] {vpnClient} VPNClient[0008] - local TCP address = 10.106.106.106:1964
[21/Jun/2011 11:45:48] {vpnClient} VPNClient[0008] - SSL connection successfully established
[21/Jun/2011 11:45:48] {engine} WorkerThread signaled.
[21/Jun/2011 11:45:48] {engine} WorkerThread - sending status.
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetCertificate().
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} VpnFSM: AcceptCertificate(Allow).
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} Reading configuration.
[21/Jun/2011 11:45:48] {engine} Persistent config changed (enabled).
[21/Jun/2011 11:45:48] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:48] {engine} Persistent config equals to current connection.
[21/Jun/2011 11:45:48] {vpnClient} VPNClient[0008] - sending VERSION message, version = 3
[21/Jun/2011 11:45:49] {vpnClient} VPNClient[0008] - received VERSION message, version = 3
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: generating blowfish parameters
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: allocated memory for blowfish cipher configuration.
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: blowfish parameters randomized
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: blowfish parameters generated
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: generating config message
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: generating config message
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008] - received R_IPCONFIG V2 message, IP = 172.27.100.9/255.255.255.0, DNS = 192.168.10.2, 0.0.0.0 'unimed.loc', WINS = 0.0.0.0, 0.0.0.0, CEP = 3600 s.
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008] - connection added in driver.
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: generating config message
[21/Jun/2011 11:45:50] {vpnCipher} BLF[7/1]: generating config message
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008]: primary cipher added in driver
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008] - driver started sending secret to 217.217.217.217:4090.
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008] - waiting for SECRET_RECEIVED from 217.217.217.217:4090
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008] - SECRET_RECEIVED received
[21/Jun/2011 11:45:50] {vpnClient} VPNClient[0008] - driver stopped sending secret to 217.217.217.217:4090.
[21/Jun/2011 11:45:51] {vpnMain} VPNClient[0008] - maintenance started
[21/Jun/2011 11:45:51] {vpnMain} VPNClient[0008] - route 172.27.100.0/255.255.255.0 (loc/added) added into list
[21/Jun/2011 11:45:51] {vpnMain} VPNClient[0008] - maintenance done
[21/Jun/2011 11:45:51] {engine} Callback StatusChanged called from libVpn(connected).
[21/Jun/2011 11:45:51] {engine} VpnFSM: Saving and sending status to Engine (connected).
[21/Jun/2011 11:45:51] {engine} WorkerThread signaled.
[21/Jun/2011 11:45:51] {engine} WorkerThread - sending status.
[21/Jun/2011 11:45:51] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:51] {vpnClient} VPNClient[0008] - received ROUTES message
[21/Jun/2011 11:45:51] {engine} VpnFSM: GetStatus().
[21/Jun/2011 11:45:51] {vpnMain} VPNClient[0008] - maintenance started
[21/Jun/2011 11:45:51] {vpnMain} VPNClient[0008] - route 192.168.10.0/255.255.255.0 (sys/not_added) added into list
[21/Jun/2011 11:45:51] {vpnMain} VPNClient[0008] - maintenance done
[21/Jun/2011 11:46:51] {vpnClient} VPNClient[0008] - sending Q_KEEPALIVE message


Address Mask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.106.106.106 10.106.106.106 1
10.106.106.106 255.255.255.255 127.0.0.1 127.0.0.1 50
10.255.255.255 255.255.255.255 10.106.106.106 10.106.106.106 50
89.250.144.19 255.255.255.255 10.106.106.106 10.106.106.106 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 169.254.48.90 169.254.48.90 20
169.254.48.90 255.255.255.255 127.0.0.1 127.0.0.1 20
169.254.255.255 255.255.255.255 169.254.48.90 169.254.48.90 20
172.27.100.0 255.255.255.0 172.27.100.9 172.27.100.9 20 - Pinging VPN server 172.27.100.1 fails but its physical address appears in the ARP table.
172.27.100.9 255.255.255.255 127.0.0.1 127.0.0.1 20
172.27.255.255 255.255.255.255 172.27.100.9 172.27.100.9 20
192.168.11.0 255.255.255.0 192.168.11.2 192.168.11.2 10
192.168.11.2 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.11.255 255.255.255.255 192.168.11.2 192.168.11.2 10

Thank you.
  •  
Eatmeat

Messages: 4
Karma: 0
Send a private message to this user
Solved by disabling RRAS service and, for incoming connections from VPN server, running "netsh>routing ip nat add interface name="Kerio Virtual Network" mode=FULL"

[Updated on: Thu, 23 June 2011 00:25]

Previous Topic: kerio vpn in ubuntu 11.04 x64
Next Topic: help configuring kerio winroute firewall 6.7.1
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 23 02:42:43 CET 2017

Total time taken to generate the page: 0.00310 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.