We have servers in a datacenter. Those servers are connected to the servers at the office by a site-to-site VPN. Sometimes one of the servers in the datacenter suddenly cannot connect to the servers in the office.
We figured out why.
What we saw was 'suddenly' an incorrect route was created. It pointed out to a weird IP-address. Deleting the route solved the issue since the server could connect to the office by using it's default gateway.
Next time it happened again. Now I was really curious where the weird gateway for the network was coming from. When running ipconfig I saw the weird IP-address was the address of another VPN. This VPN was instantiated by the 'Kerio VPN client'. I put it to a test:
- I deleted the incorrect route and tested the connection
- The connection checked out ok, everything worked
- Now I disconnected the Kerio VPN and checked again.
- Everything was ok
- Next stap was reconnecting the Kerio VPN and recheck.
- Voila, no connection and an incorrect route.
When looking up more info on the Kerio client I discovered it is a very simple configuration. Simply put in the ip/hostname to connect to, the username and the password and the rest is done automatically by the client.
However, in this case I don't want the client to create this particular route.
It seems the client looks up all available networks and creates routes for it :S Very handy maybe but I certainly prefer to do those things myself.
So how did I 'solve' it?
Solution
I disconnected the VPN. Then I manually created a route to my officenetwork and made it permanent. When reconnecting to the Kerio VPN it determines there is already an existing route to a particular network and it doesn't overwrite it.
Maybe it's of use in your situation too!
Ferry