Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN Tunneling cause 100% CPU
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
Hi,

i just downloaded win route for 3 server that are running over the internet and i tried creating a vpn between them.. All worked fine for all 3 servers but .The 3rd server has a 100 % cpu utilization as soon as the vpn was connected and no the 3rd server was not acting as a vpn router. i am able to access all 3 networks over vpn but i cant seem to fix the issue with the 100 % cpu utilization i don’t know what 2 do ..

the server having this issue is running on

amd 64 2.8xp
msi neo series
512 mb ram
120 gb hdd
ati 9600
winxp
winroute 6.1.3

The other 2 servers are running on

amd 64 2.8 xp
msi neo series mobo
786 mb ram
600 gb hdd
ati 9800
winxp
winroute 6.1.3

intel celeron 600 mhz
810 mobo
256 mb ram
5 gb hdd
winxp
winroute 6.1.3


Any help would be greatly appreciated

Regards

Peter Fernandez
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
Never mind I fixed the problem i guess now i have a different problem

as I said earlier I had 3 networks they are as follows

172.16.1.0

172.16.2.0

192.168.1.1

All of these are linked to each other via vpn.


Now the problem i am facing is... From the win route pc i am able to ping all networks and vice versa

Now from any client machine connected to win route from any network i can ping the 192.168.1.1 network and its client

But I can’t do the same for 172.16.1.0 and 2.0

So basically 192.168.1.0 network is accessible to all clients on different networks but he 172.16.1.0 and the 172.16.2.0 is not accessible from any client.. It’s only accessible via the server



any ideas..

??
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Add some static routes??
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
yes i have


the 172.16.1.1 is connected to 172.16.2.1 and the 192.168.1.1 is connected to 172.16.2.1

so i have added static routes for the same


on the 172.16.1.1 vpn end i have entered

static routes 172.16.2.0 255.255.255.0 & 192.16.1.0 255.255.255.0

and the same from the 192.168.1.1 which is

172.16.1.0 255.255.255.0
172.16.2.0 255.255.255.0

then from the router that is 172.16.2.1

i have entered static routes
for vpn link 172.16.1.1 which is 172.16.1.0 255.255.255

and 192.168.1.1 vpn link at 172.16.2.1 i have entered 192.168.1.0 255.255.255.0


as i said again i am able to access the 192.168.1.1 network from any where

but i cant access the 172.16.1.0 and the 172.16.2.0 from every where i can access this only from the server Sad

  •  
the king

Messages: 1
Karma: 0
Send a private message to this user
i had the same problem a wil a go,
dit you restart the server ? this wil cleanup some routes windows made in his cash. if it dont work, add the routes in windows (cmd) this wil work.
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
i tried doing the same thing same problem i dont know where i am going wrong


damn
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
what is really funny is that


server 1 vpn ip = 172.17.2.2 lan ip 172.16.1.1
server 2 vpn ip = 172.17.2.1 lan ip 172.16.2.1
server 3 vpn ip = 172.17.2.3 lan ip 192.168.1.1

i am able to ping the 172.17.2.0 range for any nework and any client


i cant add static routes for the 172.16.1.0 range or 172.16.2.0 range and have them accessable from all networks

only works for 192.168.1.0 network

trust me i luv winroute i just seem to be getting frustrating now as i been trying to reslove this issue for over a week now and the freaking demo expiry date is getting over so i dont know if i should buy it or not if it doesnt slove my problem

[Updated on: Fri, 30 December 2005 17:17]

  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
petes.fer wrote on Fri, 30 December 2005 14:42

server 1 vpn ip = 172.16.2.2 lan ip 172.16.1.1
server 2 vpn ip = 172.16.2.1 lan ip 172.16.2.1
server 3 vpn ip = 172.16.2.3 lan ip 192.168.1.1

i am able to ping the 172.17.2.0 range for any nework and any client

i cant add static routes for the 172.16.1.0 range or 172.16.2.0 range and have them accessable from all networks



Please note that IP address range for VPN tunnels (VPN clients) MUST BE different from IP ranges used in each LAN. Otherwise routing tables on tunnel's ends will not be correctly updated.

Petr Dobry
Product Development Manager | Kerio
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
sorry that was my mistake..


the vpn client ips are in the rage of

172.17.2.0

sorry

  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
fixed the problem Very Happy
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
petes.fer wrote on Wed, 04 January 2006 17:49

fixed the problem Very Happy


Might you enlighten us with the solution?
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
again i am sorry as i should have told u what happened

it was a screw up from my end

i previously said my network ip and subnets were

172.16.1.0 255.255.255.0
172.16.2.0 255.255.255.0

but it was

172.16.1.0 255.255.0.0
172.16.2.0 255.255.0.0

most network gurus out there should know what went wrong .

if u dont will explain in detail


regards

pete
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
You had one big subnet instead of seperate ones... Ok, that's clear. Ah well, screw-ups happen Smile
  •  
r.aerts

Messages: 19
Karma: 0
Send a private message to this user
Hi petes.fer,
Could you explain to me in detail why?

thx!
  •  
petes.fer

Messages: 10
Karma: 0
Send a private message to this user
its very simple..


when i said that my subnet is 255.255.0.0 instead of 255.255.255.0

that means that the 172.16.1.0 and the 172.16.2.0 falls into the same subnet 255.255.0.0 .. ring a bell??

so when u see the routeing table you will find a route saying

172.16.0.0 255.255.0.0

so every time i added a static route for the vpn for 172.16.2.0 it used to get confused... as both of ip ranges falls into the 255.255.0.0 subnet
Previous Topic: DNS issue...
Next Topic: Restrict user access to clientless ssl-vpn
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 16:44:39 CET 2017

Total time taken to generate the page: 0.00604 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.