CMAK "remove_gateway" in Vista Breaks VPN

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

We use CMAK to simplify vpn configuration for our users. The configuration
includes three static routes and the "remove_gateway" option for split
tunneling. This has worked in Windows XP & 2000, but seems to have a glitch
in Vista.

A Vista client will connect successfully, but no traffic is routed through
the default gateway nor does it seem to route traffic throug the VPN for the
static routes properly. It appears to be an issue with "remove_gateway," for
when I remove this option in the routes file, Vista is able to use the VPN
_as_ the default gateway just fine. Unfortunately, this isn't something we'd
like to do.

I would list the things I've tried, but it's quite lengthy so I thought I'd
first see if anyone has any insight into this problem. I will mention two
things: I've tried adding the default gateway myself after connecting, and
have installed KB930163, both to no avail. Any thoughts or ideas are
welcome!
 
We use CMAK to simplifyvpnconfiguration for our users. The configuration
includes three static routes and the "remove_gateway" option for split
tunneling. This has worked in Windows XP & 2000, but seems to have a glitch
inVista.

AVistaclient will connect successfully, but no traffic is routed through
the default gateway nor does it seem toroutetraffic throug theVPNfor the
static routes properly. It appears to be an issue with "remove_gateway," for
when I remove this option in the routes file,Vistais able to use theVPN
_as_ the default gateway just fine. Unfortunately, this isn't something we'd
like to do.

I would list the things I've tried, but it's quite lengthy so I thought I'd
first see if anyone has any insight into this problem. I will mention two
things: I've tried adding the default gateway myself after connecting, and
have installed KB930163, both to no avail. Any thoughts or ideas are
welcome!

Derek,

I am experiencing the same problems using our CMAK profile (which runs
the same post-connect actions that yours does) on our Vista machines
(works fine on 2000/XP machines).

One difference is that I can now route to the internal resources (I'm
not sure if installing 930163 made the difference - it was installed
via WSUS and I can't remember if everything failed when I first
started looking at the problem, or whether it was just the Internet
resources that were inaccessible even before 930163).

Never the less, the gateway reversal still isn't working (the routing
table 0.0.0.0 entry indicates it should be working, but it isn't). I
have engaged MS product support, and we are actively working on a
solution. I'll post back here with whatever solution/workaround/dead-
end we ultimately come to.

Trevor
 
Back
Top