Search This Blog

Monday, October 5, 2009

Cisco VPN client on 192.168.1.0

As you know if VPN client connected to 192.168.1.0 or any other local LAN subnet will connect to a remote LAN that use 192.168.1.0 or other subnet that is the same as local LAN, then there will be an IP range conflict. If you do full tunneling to remote LAN then you need to make sure that routing for remote LAN has lower metric than local LAN. You can use this script to fix the metric:



@ECHO off

%Windir%\system32\ipconfig.exe > %temp%\ipconfig.txt
type %temp%\ipconfig.txt|findstr /c:"IP Address" > %temp%\ip.txt
type %temp%\ip.txt|findstr /v "0.0.0.0" > %temp%\ip1.txt
FOR /F "delims=: tokens=2" %%I in (%temp%\ip1.txt) DO ECHO %%I > %temp%\justip.txt
FOR /F "delims=. tokens=1" %%A in (%temp%\justip.txt) DO SET octet1=%%A
FOR /F "delims=. tokens=2" %%B in (%temp%\justip.txt) DO SET octet2=%%B
FOR /F "delims=. tokens=3" %%C in (%temp%\justip.txt) DO SET octet3=%%C
FOR /F "delims=. tokens=4" %%D in (%temp%\justip.txt) DO SET octet4=%%D
del /q %temp%\ip1.txt
del /q %temp%\ip.txt
del /q %temp%\ipconfig.txt
del /q %temp%\justip.txt

Set IPAddress=%octet1%.%octet2%.%octet3%.%octet4%

REM ECHO %IPAddress%

%Windir%\system32\route.exe change 192.168.1.0 mask 255.255.255.0 %IPAddress% METRIC 1




As you know if in routing talbe there are two similair routes with different gateway then the last installed interface will get prority. Re-install Cisco VPN client and it will get priority over other interfaces, no need then for script above.

No comments: