OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: bruch05 on January 20, 2019, 10:29:51 am

Title: VPN IPsec vs Windows 10 [SOLVED]
Post by: bruch05 on January 20, 2019, 10:29:51 am

Hello,

I've configured a VPN IPsec IKEv2 successfull. The Windows 10 VPN client connects without any trouble.
I've only one issue regardind the IP routing table on Windows 10 side.

The entry 0.0.0.0 to route traffic to the VPN gateway 10.2.0.1 is not set correctly.
Instead of i have 10.0.0.0 to VPN Gateway 10.2.0.1

IPv4 Table de routage
====================================================================
Itinéraires actifs :
Destination réseau    Masque réseau            Adr. passerelle     Adr. interface       Métrique
          0.0.0.0          0.0.0.0                       192.168.0.254     192.168.0.117     45
         10.0.0.0         255.0.0.0                    On-link                10.2.0.1              26
         10.2.0.1         255.255.255.255         On-link                10.2.0.1              281
         
I add a static route and the remote LAN is reachable.

C:\Users\Christophe>route add 0.0.0.0 MASK 0.0.0.0 10.2.0.1 METRIC 2

IPv4 Table de routage
===========================================================
Itinéraires actifs :
Destination réseau    Masque réseau     Adr. passerelle    Adr. interface        Métrique
          0.0.0.0           0.0.0.0                192.168.0.254    192.168.0.117     55
          0.0.0.0           0.0.0.0                On-link               10.2.0.1              27
         10.0.0.0          255.0.0.0             On-link               10.2.0.1              26
         10.2.0.1          255.255.255.255  On-link               10.2.0.1              281

So what i have to do get the 0.0.0.0 target network instead off 10.0.0.0
I'm sorry if it's a newbee question, but i help a charity association and network is not my core competency.

Thanks by advance
Best regards
Christophe (Paris-France)

Title: Re: VPN IPsec vs Windows 10
Post by: bartjsmit on January 20, 2019, 11:25:44 am

Hi Christophe,

Try this:

route -f add 0.0.0.0 mask 0.0.0.0 10.2.0.1 metric 2

The -f flag clears the old default gateway on Windows.

Bart...

Title: Re: VPN IPsec vs Windows 10
Post by: bruch05 on January 20, 2019, 04:23:34 pm

Hello,

Thx for your reply, i've already define this static route an i get the LAN.
My question is why the route 10.2.0.0 is defined instead of 0.0.0.0 ?

I use a Synology VPN Server and i don't have this behavior.

Thx

Tof

Title: Re: VPN IPsec vs Windows 10 [SOLVED]
Post by: bruch05 on January 20, 2019, 09:17:33 pm

Hello,

With these two commands, the client is correctly setup and the routing is ok.

Add-VpnConnection -Name "VPN_TEST" -ServerAddress "laclairiereXXXXX.fr" -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -AllUserConnection

Add-VpnConnectionRoute -ConnectionName "VPN_TEST" -DestinationPrefix 192.168.1.0/24 -PassThru

where 192.168.1.0 is the LAN subnet.

Regards
Christophe