0

VPN client breaks routing table on Server by routing local IP to VPN subnetwork. I can't change anything in VPN client so I'm trying to restore route to my host so that apps using 192.168.1.2 as localhost address was able to communicate each other normally.

My network:

Router 192.168.1.1
Server 192.168.1.2

This is how it works normally:

C:\>route print
===========================================================================
Interface List
 12...54 6b 25 e0 8e 04 ......Check Point Virtual Network Adapter For SSL Network Extender
  3...40 8d 5c e2 80 ad ......Killer E2200 Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  8...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8    331 ::/0                     On-link
  1    331 ::1/128                  On-link
  8    331 2001::/32                On-link
  8    331 2001:0:9d38:78cf:3068:26aa:3f57:fefd/128
                                    On-link
  3    281 fe80::/64                On-link
  8    331 fe80::/64                On-link
  8    331 fe80::3068:26aa:3f57:fefd/128
                                    On-link
  3    281 fe80::6899:a578:4146:29e/128
                                    On-link
  1    331 ff00::/8                 On-link
  8    331 ff00::/8                 On-link
  3    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

Tracing route to local IP works as it should:

C:\>tracert 192.168.1.2

Tracing route to MAIN [192.168.1.2]
over a maximum of 30 hops:

  1    <1 мс    <1 мс    <1 мс  MAIN [192.168.1.2]

Trace complete.

Router table fix:

route delete 192.168.1.2
route add 192.168.1.2 0.0.0.0

After routing table fix apply (just testing if the fix works correctly without using VPN client):

C:\>route print
===========================================================================
Interface List
 12...54 6b 25 e0 8e 04 ......Check Point Virtual Network Adapter For SSL Network Extender
  3...40 8d 5c e2 80 ad ......Killer E2200 Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  8...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2     26
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8    331 ::/0                     On-link
  1    331 ::1/128                  On-link
  8    331 2001::/32                On-link
  8    331 2001:0:9d38:78cf:3068:26aa:3f57:fefd/128
                                    On-link
  3    281 fe80::/64                On-link
  8    331 fe80::/64                On-link
  8    331 fe80::3068:26aa:3f57:fefd/128
                                    On-link
  3    281 fe80::6899:a578:4146:29e/128
                                    On-link
  1    331 ff00::/8                 On-link
  8    331 ff00::/8                 On-link
  3    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

Tracing route to local IP goes through router:

C:\>tracert 192.168.1.2

Tracing route to MAIN [192.168.1.2]
over a maximum of 30 hops:

  1     *       <1 мс    <1 мс  router.asus.com [192.168.1.1]
  2  ^C

How to make it use local loop again for routing instead of 192.168.1.1? Changing route metric to 306 did not help also.

Zur13
  • 101
  • 1
  • the vpn client connect where? you miss some detail – yagmoth555 Apr 15 '17 at 10:42
  • I've isolated the problem to this minimal set: the route stop working even when no VPN connection established. After using the script which delete and re-add route to 192.168.1.2 the re-added route stops working but the routing table looks the same. – Zur13 Apr 15 '17 at 17:45
  • Why you have to play with route is strange, I usually never do that except in rare case where the main router cant do ICMP redirect, but its for other subnet, not IP in the same subnet – yagmoth555 Apr 15 '17 at 17:51
  • The other network accessed by VPN has some addresses which intersects with addresses of my network. The server IP is one of such addresses which routed by their VPN client (they are using Check Point software to organize VPN access to their network). I still don't understand why before the script usage tracert ends on local loop and after script usage it goes to router. – Zur13 Apr 15 '17 at 18:27

0 Answers0