computer cannot be accessed after connecting Junos Pulse VPN

Question

I have 2 machines in LAN, one is desktop, the other is a laptop. Before I connecting vpn on laptop, the laptop IP is 192.168.1.104 and the desktop is 192.168.1.107, I can ping the laptop from my desktop. After I connecting Junos Pulse vpn, I saw the following with ipconfig /all: 10.148.184.192 (this is IP of VPN connection) 192.168.1.104 (this is IP of my LAN). After the VPN is connected, I found I cannot ping or tracert my laptop (192.168.1.104) from my desktop (192.168.1.107).

Btw, the 2 machines have windows 7 installed.

Does anybody know why this could happen ? Is there any approach to connect my laptop from the desktop with the VPN connected ?

Below is my route table:

      **0.0.0.0          0.0.0.0    192.168.1.1    192.168.1.104     27
      0.0.0.0          0.0.0.0         在链路上     10.148.184.192     6**
10.148.184.192  255.255.255.255        在链路上     10.148.184.192    261
  65.44.121.0    255.255.255.0      192.168.1.1    192.168.1.104     27
  65.54.6.128  255.255.255.192      192.168.1.1    192.168.1.104     27
  65.54.6.192  255.255.255.224      192.168.1.1    192.168.1.104     27
 65.54.11.128  255.255.255.192      192.168.1.1    192.168.1.104     27

Also, this entire question should be on SuperUser or ServerFault, but I answered it anyway. You are welcome. — selbie, Nov 05 '16 at 18:11

selbie · Accepted Answer · 2016-11-05T18:15:20.080

This is typically by design. When you VPN into another network, your routing table gets modified such that the default route (0.0.0.0) goes through your new virtual IP address (10.148.184.192).

In your case, there are two default routes

  destination      netmask    gateway        interface         Metric
  0.0.0.0          0.0.0.0    192.168.1.1    192.168.1.104     27
  0.0.0.0          0.0.0.0       On-Link     10.148.184.192     6

But look what the VPN software did - the second route through 10.148.184.192 has lower "metric" (cost). So that effectively nullifies the first row, which is your original default route.

What you need to do is manually add a route to your other computer. I think it will be something like this:

  destination      netmask        gateway        interface         Metric
  192.168.1.107    255.255.255    On-Link     192.168.1.104        2

Type this at an elevated command prompt:

route add 192.168.1.107 mask 255.255.255.255 192.168.1.104 metric 2

Or if you want access to all the devices on the 192.168.1.* network, then this:

route add 192.168.1.0 mask 255.255.255.0 192.168.1.104 metric 2

And that should get your laptop to having access to your desktop again. Don't forget to delete this route when disconnected from VPN.

Thanks for your solution, and this really works.But I am wondering why I need to add this route rule to machine (192.169.1.104). Since this is the machine to be accessed, as my understanding, this rule means any outbound connection from 192.169.1.104. to 192.168.1.* will go this route, but actually the outbound connection is from 192.168.1.107 (I ping 192.168.1.104 from 192.169.1.107 , why not add this route on 192.168.1.107 ? — Wormholes, Nov 18 '16 at 06:30
Not sure I understand your comment, but I'm glad it worked for you. — selbie, Nov 18 '16 at 06:42

computer cannot be accessed after connecting Junos Pulse VPN

1 Answers1