RE: Controling the routes added to a pptp client.

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 28 Sep 2003 10:48:09 -0500

Hi Willaim,

While not an ISA issue per se, this is an important question. That is
how it works, the VPN client receives a class based default route. You
can use the CMAK and Windows 2003 to hand out custom routing table
entries if you want. 

Are you wanting to use the routing table as a form of access control? It
might be better to use RRAS packet filters for that.

HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 


-----Original Message-----
From: William Holmes [mailto:wtholmes@xxxxxxxxxxxxxx] 
Sent: Sunday, September 28, 2003 10:17 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Controling the routes added to a pptp client.

http://www.ISAserver.org


Hello,

How can one control the routes that are added to a pptp client when it
is added?

There is the situation (I have changed the actual IPs):

The pptp server allows access to 192.168.100.0/22, 192.168.24.0/24, and
192.168.26/24. The rest of the 192.168.x.x address space is not
available through the pptp tunnel.

When the client connects the following routes are added to the client
(the pptp net is 192.168.24.0/24).

      192.168.0.0      255.255.0.0    192.168.24.56   192.168.24.56
1
     192.168.24.0  255.255.255.128    192.168.24.56   192.168.24.56
1
    192.168.24.56  255.255.255.255        127.0.0.1       127.0.0.1
50
  192.168.255.255  255.255.255.255    192.168.24.56   128.84.227.56
50

        224.0.0.0        240.0.0.0    192.168.24.56   192.168.24.56
50


My question is why is the 192.168.0.0 route added? The pptp server is
not able to route to this entire network. What I would like to be able
to do is pass the specific subnets to the client to have them added to
the cliets routing table. Is this possible.

Thanks

Bill

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Controling the routes added to a pptp client.
• » RE: Controling the routes added to a pptp client.
• » Re: Controling the routes added to a pptp client.
• » Re: Controling the routes added to a pptp client.

1. Home
2. isalist
3. Archive
4. 09-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---