Return to home page
Decrease font size by 1 pointChange font to 8 pointChange font to 9 point (default)Change font to 10 pointIncrease font size by 1 point

Log in or log out
TotalRoam Tech Notes

Implications of using a restricted Company LAN with networks having different default gateways

SUPPORT
Notes: Common Problems
FAQ Category: Common Problems Updated: 7/19/2005
ID Number: 10104 Title: Implications of using a restricted Company LAN with networks having different default gateways


Summary:
TotalRoam will tunnel all IP traffic from the Client to the Gateway when using the default Company LAN settings of 0.0.0.0 / 0.0.0.0. TotalRoam can be configured to tunnel only traffic destined toward a specific network by changing the Company LAN Network and Netmask settings. When using TotalRoam with a restricted Company LAN, IP traffic to destinations that are outside of the Company LAN will be handled by Windows using its route table. Access to destinations outside of the Company LAN however may be intermittent if the Client is using multiple network interfaces that each use different default gateways.


Symptoms:
Access to resources that are outside of the network defined by the Company LAN Network and Netmask fields may be intermittent. Sometimes access will be successful and sometimes it will not. As an example, consider a TotalRoam Client configured to use both a private WiFi network and a public CDMA network. If the Company LAN setting for the Client is restricted to the company’s private address range, say 10.10.0.0 /16, browsing public web sites may be intermittent.

Cause:
When configured with the default Company LAN setting of 0.0.0.0 / 0.0.0.0, TotalRoam will delete all of the default routes in the Windows route table and will add a single default route that uses the Gateway VPN IP address. By doing so, TotalRoam ensures that all IP traffic is sent over the VPN tunnel.

When using a restricted Company LAN setting, TotalRoam does not delete the existing default routes, leaving Windows in a state that may produce undesirable results. It’s worth noting that TCP/IP inherently cannot be expected to provide consistent access to resources reachable via default routing when multiple default routes are configured. This is an indeterminate state because the TCP/IP protocol only uses a single default route in the routing table at any one time for default route traffic. Undesirable results may occur if the network interfaces are connected to networks that cannot reach each other, otherwise referred to as disjoint networks.

 

Resolution:

If you must use multiple network interfaces that are connected to disjoint networks, avoid using a restricted Company LAN.

Applies To:
TotalRoam 4.0 Client
6100 Remote Access Router™ running TotalRoam 4.0
TotalRoam Support Notes