Lan to Lan VPN question

Here is my setup:

1- Windows 2003 machine with only one nic (10.1.5.12/24) dialing in another
Windows 2003 machine with only one nic 192.168.10.4/24.

2- When connecting, the VPN interface receives the 10.1.6.1/24 (static
pool). The dial-in machine can ping the 192.168.10.4 address. The VPN server
VPN interface is 10.1.6.0/24.

3- From the server accepting the connection, I can't ping the private
(10.1.5.12) address of the dial-in machine. A "tracert 10.1.5.12" reveals
that it tries to send the packet to its default gateway (Internet access
router). It is normal because the VPN server does not "know" about the
10.1.5.x subnet, which is on the "other" side of the dial-in machine.

Now my question is: how do I add I a route to the 10.1.5.x subnet in the
server so that it will route the packets to this destination through the VPN
interface ?
------
Routing table of the server:
================================================== =========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.4 20
10.1.6.0 255.255.255.255 127.0.0.1 127.0.0.1 50
10.1.6.1 255.255.255.255 10.1.6.0 10.1.6.0 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.4 192.168.10.4 20
192.168.10.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.4 192.168.10.4 20
224.0.0.0 240.0.0.0 192.168.10.4 192.168.10.4 20
255.255.255.255 255.255.255.255 192.168.10.4 192.168.10.4 1
Default Gateway: 192.168.10.2
================================================== =========================
Persistent Routes:
None

Routing table of the client:
================================================== =========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.1.5.11 10.1.5.12 20
10.1.5.0 255.255.255.0 10.1.5.12 10.1.5.12 20
10.1.5.12 255.255.255.255 127.0.0.1 127.0.0.1 20
10.1.6.0 255.255.255.255 10.1.6.1 10.1.6.1 1
10.1.6.1 255.255.255.255 127.0.0.1 127.0.0.1 50
10.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 20
10.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 50
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
192.168.10.0 255.255.255.0 10.1.6.0 10.1.6.1 1
224.0.0.0 240.0.0.0 10.1.5.12 10.1.5.12 20
224.0.0.0 240.0.0.0 10.1.6.1 10.1.6.1 50
255.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 1
255.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 1
Default Gateway: 10.1.5.11
================================================== =========================
Persistent Routes:
None

Thank you !

Why did you decide to use 10.1.6.0/24 as the subnet for the remote
connections? If you had let DHCP decide or used a batch of IP addresses from
192.168.10.x it would work automatically. The server acts as a proxy for the
remotes. (This is called on subnet addressing).

If the remote users are in a different subnet from the LAN (called off
subnet addressing), you will need to enable IP routing on the RRAS server
and also make sure that the 192.168.10.0/24 subnet knows how to route
traffic for 10.1.6.0/24 to the RRAS router. It doesn't need to know about
the 10.1.5.0 addresses unless you want other machines behind the server to
be able to use the link. In that case, you would need to set up a site to
site VPN (ie a routed connection between the RRAS servers).

If you don't have control of the RRAS server at the 192.168.10.0/24 end,
there is nothing you can do at the other end. The routing must be set up at
the 192.168.10.0 end.

Pierrot Robert wrote:
> Here is my setup:
>
> 1- Windows 2003 machine with only one nic (10.1.5.12/24) dialing in
> another Windows 2003 machine with only one nic 192.168.10.4/24.
>
> 2- When connecting, the VPN interface receives the 10.1.6.1/24 (static
> pool). The dial-in machine can ping the 192.168.10.4 address. The VPN
> server VPN interface is 10.1.6.0/24.
>
> 3- From the server accepting the connection, I can't ping the private
> (10.1.5.12) address of the dial-in machine. A "tracert 10.1.5.12"
> reveals that it tries to send the packet to its default gateway
> (Internet access router). It is normal because the VPN server does
> not "know" about the 10.1.5.x subnet, which is on the "other" side of the
> dial-in machine.
>
> Now my question is: how do I add I a route to the 10.1.5.x subnet in
> the server so that it will route the packets to this destination
> through the VPN interface ?
> ------
> Routing table of the server:
> ================================================== =========================
> Active Routes:
> Network Destination Netmask Gateway Interface Metric
> 0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.4 20 10.1.6.0
> 255.255.255.255 127.0.0.1 127.0.0.1 50 10.1.6.1
> 255.255.255.255 10.1.6.0 10.1.6.0 1 127.0.0.0
> 255.0.0.0 127.0.0.1 127.0.0.1
> 1 192.168.10.0 255.255.255.0 192.168.10.4 192.168.10.4
> 20 192.168.10.4 255.255.255.255 127.0.0.1 127.0.0.1
> 20 192.168.10.255 255.255.255.255 192.168.10.4 192.168.10.4 20
> 224.0.0.0 240.0.0.0 192.168.10.4 192.168.10.4 20
> 255.255.255.255 255.255.255.255 192.168.10.4 192.168.10.4 1
> Default
> Gateway: 192.168.10.2
> ================================================== =========================
> Persistent Routes: None
>
> Routing table of the client:
> ================================================== =========================
> Active Routes:
> Network Destination Netmask Gateway Interface Metric
> 0.0.0.0 0.0.0.0 10.1.5.11 10.1.5.12 20 10.1.5.0
> 255.255.255.0 10.1.5.12 10.1.5.12 20 10.1.5.12
> 255.255.255.255 127.0.0.1 127.0.0.1 20 10.1.6.0
> 255.255.255.255 10.1.6.1 10.1.6.1 1 10.1.6.1
> 255.255.255.255 127.0.0.1 127.0.0.1 50 10.255.255.255
> 255.255.255.255 10.1.5.12 10.1.5.12 20 10.255.255.255
> 255.255.255.255 10.1.6.1 10.1.6.1 50 127.0.0.0
> 255.0.0.0 127.0.0.1 127.0.0.1 1
> 192.168.10.0 255.255.255.0 10.1.6.0 10.1.6.1 1
> 224.0.0.0 240.0.0.0 10.1.5.12 10.1.5.12
> 20 224.0.0.0 240.0.0.0 10.1.6.1 10.1.6.1
> 50 255.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 1
> 255.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 1 Default
> Gateway: 10.1.5.11
> ================================================== =========================
> Persistent Routes:
> None
>
> Thank you !

Bill Grant wrote:
> If the remote users are in a different subnet from the LAN (called
> off subnet addressing), you will need to enable IP routing on the
> RRAS server and also make sure that the 192.168.10.0/24 subnet knows
> how to route traffic for 10.1.6.0/24 to the RRAS router. It doesn't
> need to know about the 10.1.5.0 addresses unless you want other
> machines behind the server to be able to use the link. In that case,
> you would need to set up a site to site VPN (ie a routed connection
> between the RRAS servers).

Yes, that is what I need. The computers on the 10.1.5.0 subnet need to use
the VPN link to connect to the 192.168.10.0 subnet.

So I understand from your answer that I need a site to site VPN. What are
the steps to achieve this ? I have control of both servers.
>
> If you don't have control of the RRAS server at the
> 192.168.10.0/24 end, there is nothing you can do at the other end.
> The routing must be set up at the 192.168.10.0 end.
>
> Pierrot Robert wrote:
>> Here is my setup:
>>
>> 1- Windows 2003 machine with only one nic (10.1.5.12/24) dialing in
>> another Windows 2003 machine with only one nic 192.168.10.4/24.
>>
>> 2- When connecting, the VPN interface receives the 10.1.6.1/24
>> (static pool). The dial-in machine can ping the 192.168.10.4
>> address. The VPN server VPN interface is 10.1.6.0/24.
>>
>> 3- From the server accepting the connection, I can't ping the
>> private (10.1.5.12) address of the dial-in machine. A "tracert
>> 10.1.5.12" reveals that it tries to send the packet to its default
>> gateway
>> (Internet access router). It is normal because the VPN server does
>> not "know" about the 10.1.5.x subnet, which is on the "other" side
>> of the dial-in machine.
>>
>> Now my question is: how do I add I a route to the 10.1.5.x subnet in
>> the server so that it will route the packets to this destination
>> through the VPN interface ?
>> ------
>> Routing table of the server:
>> ================================================== =========================
>> Active Routes:
>> Network Destination Netmask Gateway Interface
>> Metric 0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.4 20
>> 10.1.6.0 255.255.255.255 127.0.0.1 127.0.0.1 50
>> 10.1.6.1 255.255.255.255 10.1.6.0 10.1.6.0 1
>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
>> 1 192.168.10.0 255.255.255.0 192.168.10.4 192.168.10.4
>> 20 192.168.10.4 255.255.255.255 127.0.0.1 127.0.0.1
>> 20 192.168.10.255 255.255.255.255 192.168.10.4 192.168.10.4 20
>> 224.0.0.0 240.0.0.0 192.168.10.4 192.168.10.4 20
>> 255.255.255.255 255.255.255.255 192.168.10.4 192.168.10.4 1
>> Default
>> Gateway: 192.168.10.2
>> ================================================== =========================
>> Persistent Routes: None
>>
>> Routing table of the client:
>> ================================================== =========================
>> Active Routes:
>> Network Destination Netmask Gateway Interface
>> Metric 0.0.0.0 0.0.0.0 10.1.5.11 10.1.5.12 20
>> 10.1.5.0 255.255.255.0 10.1.5.12 10.1.5.12 20
>> 10.1.5.12 255.255.255.255 127.0.0.1 127.0.0.1 20
>> 10.1.6.0 255.255.255.255 10.1.6.1 10.1.6.1 1
>> 10.1.6.1 255.255.255.255 127.0.0.1 127.0.0.1 50
>> 10.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 20
>> 10.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 50
>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
>> 192.168.10.0 255.255.255.0 10.1.6.0 10.1.6.1 1
>> 224.0.0.0 240.0.0.0 10.1.5.12 10.1.5.12
>> 20 224.0.0.0 240.0.0.0 10.1.6.1 10.1.6.1
>> 50 255.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 1
>> 255.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 1
>> Default Gateway: 10.1.5.11
>> ================================================== =========================
>> Persistent Routes:
>> None
>>
>> Thank you !

There is quite a bit of info in Windows help. If you need more, have a
look at www.microsoft.com/vpn .

Basically, you configure a routed connection between the two RRAS
servers. Each server has a demand-dial interface configured, and the routes
are set up linked to these demand-dial interfaces. When the link comes up,
the demand-dial interfaces become active and the system automatically adds
the routes to the routing table. Each router then has a route to the "other"
site through the VPN link.The VPN link acts as a simple (and slow) IP router
between the two LANs.

Pierrot Robert wrote:
> Bill Grant wrote:
>> If the remote users are in a different subnet from the LAN (called
>> off subnet addressing), you will need to enable IP routing on the
>> RRAS server and also make sure that the 192.168.10.0/24 subnet knows
>> how to route traffic for 10.1.6.0/24 to the RRAS router. It doesn't
>> need to know about the 10.1.5.0 addresses unless you want other
>> machines behind the server to be able to use the link. In that case,
>> you would need to set up a site to site VPN (ie a routed connection
>> between the RRAS servers).
>
> Yes, that is what I need. The computers on the 10.1.5.0 subnet need
> to use the VPN link to connect to the 192.168.10.0 subnet.
>
> So I understand from your answer that I need a site to site VPN. What
> are the steps to achieve this ? I have control of both servers.
>>
>> If you don't have control of the RRAS server at the
>> 192.168.10.0/24 end, there is nothing you can do at the other end.
>> The routing must be set up at the 192.168.10.0 end.
>>
>> Pierrot Robert wrote:
>>> Here is my setup:
>>>
>>> 1- Windows 2003 machine with only one nic (10.1.5.12/24) dialing in
>>> another Windows 2003 machine with only one nic 192.168.10.4/24.
>>>
>>> 2- When connecting, the VPN interface receives the 10.1.6.1/24
>>> (static pool). The dial-in machine can ping the 192.168.10.4
>>> address. The VPN server VPN interface is 10.1.6.0/24.
>>>
>>> 3- From the server accepting the connection, I can't ping the
>>> private (10.1.5.12) address of the dial-in machine. A "tracert
>>> 10.1.5.12" reveals that it tries to send the packet to its default
>>> gateway
>>> (Internet access router). It is normal because the VPN server does
>>> not "know" about the 10.1.5.x subnet, which is on the "other" side
>>> of the dial-in machine.
>>>
>>> Now my question is: how do I add I a route to the 10.1.5.x subnet in
>>> the server so that it will route the packets to this destination
>>> through the VPN interface ?
>>> ------
>>> Routing table of the server:
>>> ================================================== =========================
>>> Active Routes:
>>> Network Destination Netmask Gateway Interface
>>> Metric 0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.4 20
>>> 10.1.6.0 255.255.255.255 127.0.0.1 127.0.0.1 50
>>> 10.1.6.1 255.255.255.255 10.1.6.0 10.1.6.0 1
>>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
>>> 1 192.168.10.0 255.255.255.0 192.168.10.4 192.168.10.4 20
>>> 192.168.10.4 255.255.255.255 127.0.0.1 127.0.0.1 20
>>> 192.168.10.255 255.255.255.255 192.168.10.4 192.168.10.4 20
>>> 224.0.0.0 240.0.0.0 192.168.10.4 192.168.10.4 20
>>> 255.255.255.255 255.255.255.255 192.168.10.4 192.168.10.4 1
>>> Default
>>> Gateway: 192.168.10.2
>>> ================================================== =========================
>>> Persistent Routes: None
>>>
>>> Routing table of the client:
>>> ================================================== =========================
>>> Active Routes:
>>> Network Destination Netmask Gateway Interface
>>> Metric 0.0.0.0 0.0.0.0 10.1.5.11 10.1.5.12 20
>>> 10.1.5.0 255.255.255.0 10.1.5.12 10.1.5.12 20
>>> 10.1.5.12 255.255.255.255 127.0.0.1 127.0.0.1 20
>>> 10.1.6.0 255.255.255.255 10.1.6.1 10.1.6.1 1
>>> 10.1.6.1 255.255.255.255 127.0.0.1 127.0.0.1 50
>>> 10.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 20
>>> 10.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 50
>>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
>>> 192.168.10.0 255.255.255.0 10.1.6.0 10.1.6.1
>>> 1 224.0.0.0 240.0.0.0 10.1.5.12 10.1.5.12
>>> 20 224.0.0.0 240.0.0.0 10.1.6.1 10.1.6.1 50
>>> 255.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 1
>>> 255.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 1
>>> Default Gateway: 10.1.5.11
>>> ================================================== =========================
>>> Persistent Routes:
>>> None
>>>
>>> Thank you !

I understand this very well, now my problem is how to enbale GRE passthrough
on my Cisco router with NAT, but this is off-topic.

Bill Grant wrote:
> There is quite a bit of info in Windows help. If you need more,
> have a look at www.microsoft.com/vpn .
>
> Basically, you configure a routed connection between the two RRAS
> servers. Each server has a demand-dial interface configured, and the
> routes are set up linked to these demand-dial interfaces. When the
> link comes up, the demand-dial interfaces become active and the
> system automatically adds the routes to the routing table. Each
> router then has a route to the "other" site through the VPN link.The
> VPN link acts as a simple (and slow) IP router between the two LANs.
>
> Pierrot Robert wrote:
>> Bill Grant wrote:
>>> If the remote users are in a different subnet from the LAN
>>> (called off subnet addressing), you will need to enable IP routing
>>> on the RRAS server and also make sure that the 192.168.10.0/24
>>> subnet knows how to route traffic for 10.1.6.0/24 to the RRAS
>>> router. It doesn't need to know about the 10.1.5.0 addresses unless
>>> you want other machines behind the server to be able to use the
>>> link. In that case, you would need to set up a site to site VPN (ie
>>> a routed connection between the RRAS servers).
>>
>> Yes, that is what I need. The computers on the 10.1.5.0 subnet need
>> to use the VPN link to connect to the 192.168.10.0 subnet.
>>
>> So I understand from your answer that I need a site to site VPN. What
>> are the steps to achieve this ? I have control of both servers.
>>>
>>> If you don't have control of the RRAS server at the
>>> 192.168.10.0/24 end, there is nothing you can do at the other end.
>>> The routing must be set up at the 192.168.10.0 end.
>>>
>>> Pierrot Robert wrote:
>>>> Here is my setup:
>>>>
>>>> 1- Windows 2003 machine with only one nic (10.1.5.12/24) dialing in
>>>> another Windows 2003 machine with only one nic 192.168.10.4/24.
>>>>
>>>> 2- When connecting, the VPN interface receives the 10.1.6.1/24
>>>> (static pool). The dial-in machine can ping the 192.168.10.4
>>>> address. The VPN server VPN interface is 10.1.6.0/24.
>>>>
>>>> 3- From the server accepting the connection, I can't ping the
>>>> private (10.1.5.12) address of the dial-in machine. A "tracert
>>>> 10.1.5.12" reveals that it tries to send the packet to its default
>>>> gateway
>>>> (Internet access router). It is normal because the VPN server does
>>>> not "know" about the 10.1.5.x subnet, which is on the "other" side
>>>> of the dial-in machine.
>>>>
>>>> Now my question is: how do I add I a route to the 10.1.5.x subnet
>>>> in the server so that it will route the packets to this destination
>>>> through the VPN interface ?
>>>> ------
>>>> Routing table of the server:
>>>> ================================================== =========================
>>>> Active Routes:
>>>> Network Destination Netmask Gateway Interface
>>>> Metric 0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.4
>>>> 20 10.1.6.0 255.255.255.255 127.0.0.1 127.0.0.1 50
>>>> 10.1.6.1 255.255.255.255 10.1.6.0 10.1.6.0 1
>>>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
>>>> 1 192.168.10.0 255.255.255.0 192.168.10.4 192.168.10.4 20
>>>> 192.168.10.4 255.255.255.255 127.0.0.1
>>>> 127.0.0.1 20 192.168.10.255 255.255.255.255 192.168.10.4
>>>> 192.168.10.4 20 224.0.0.0 240.0.0.0 192.168.10.4
>>>> 192.168.10.4 20 255.255.255.255 255.255.255.255 192.168.10.4
>>>> 192.168.10.4 1 Default
>>>> Gateway: 192.168.10.2
>>>> ================================================== =========================
>>>> Persistent Routes: None
>>>>
>>>> Routing table of the client:
>>>> ================================================== =========================
>>>> Active Routes:
>>>> Network Destination Netmask Gateway Interface
>>>> Metric 0.0.0.0 0.0.0.0 10.1.5.11 10.1.5.12
>>>> 20 10.1.5.0 255.255.255.0 10.1.5.12 10.1.5.12 20
>>>> 10.1.5.12 255.255.255.255 127.0.0.1 127.0.0.1 20
>>>> 10.1.6.0 255.255.255.255 10.1.6.1 10.1.6.1 1
>>>> 10.1.6.1 255.255.255.255 127.0.0.1 127.0.0.1 50
>>>> 10.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 20
>>>> 10.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1 50
>>>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
>>>> 192.168.10.0 255.255.255.0 10.1.6.0 10.1.6.1
>>>> 1 224.0.0.0 240.0.0.0 10.1.5.12 10.1.5.12
>>>> 20 224.0.0.0 240.0.0.0 10.1.6.1 10.1.6.1 50
>>>> 255.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12 1
>>>> 255.255.255.255 255.255.255.255 10.1.6.1
>>>> 10.1.6.1 1 Default Gateway: 10.1.5.11
>>>> ================================================== =========================
>>>> Persistent Routes:
>>>> None
>>>>
>>>> Thank you !

With most Cisco systems its as simple as adding an allow gre statement.
Remember that you need to allow GRE both in and out. The encrypted data in
both directions has a GRE header.

Pierrot Robert wrote:
> I understand this very well, now my problem is how to enbale GRE
> passthrough on my Cisco router with NAT, but this is off-topic.
>
> Bill Grant wrote:
>> There is quite a bit of info in Windows help. If you need more,
>> have a look at www.microsoft.com/vpn .
>>
>> Basically, you configure a routed connection between the two RRAS
>> servers. Each server has a demand-dial interface configured, and the
>> routes are set up linked to these demand-dial interfaces. When the
>> link comes up, the demand-dial interfaces become active and the
>> system automatically adds the routes to the routing table. Each
>> router then has a route to the "other" site through the VPN link.The
>> VPN link acts as a simple (and slow) IP router between the two LANs.
>>
>> Pierrot Robert wrote:
>>> Bill Grant wrote:
>>>> If the remote users are in a different subnet from the LAN
>>>> (called off subnet addressing), you will need to enable IP routing
>>>> on the RRAS server and also make sure that the 192.168.10.0/24
>>>> subnet knows how to route traffic for 10.1.6.0/24 to the RRAS
>>>> router. It doesn't need to know about the 10.1.5.0 addresses unless
>>>> you want other machines behind the server to be able to use the
>>>> link. In that case, you would need to set up a site to site VPN (ie
>>>> a routed connection between the RRAS servers).
>>>
>>> Yes, that is what I need. The computers on the 10.1.5.0 subnet need
>>> to use the VPN link to connect to the 192.168.10.0 subnet.
>>>
>>> So I understand from your answer that I need a site to site VPN.
>>> What are the steps to achieve this ? I have control of both servers.
>>>>
>>>> If you don't have control of the RRAS server at the
>>>> 192.168.10.0/24 end, there is nothing you can do at the other end.
>>>> The routing must be set up at the 192.168.10.0 end.
>>>>
>>>> Pierrot Robert wrote:
>>>>> Here is my setup:
>>>>>
>>>>> 1- Windows 2003 machine with only one nic (10.1.5.12/24) dialing
>>>>> in another Windows 2003 machine with only one nic 192.168.10.4/24.
>>>>>
>>>>> 2- When connecting, the VPN interface receives the 10.1.6.1/24
>>>>> (static pool). The dial-in machine can ping the 192.168.10.4
>>>>> address. The VPN server VPN interface is 10.1.6.0/24.
>>>>>
>>>>> 3- From the server accepting the connection, I can't ping the
>>>>> private (10.1.5.12) address of the dial-in machine. A "tracert
>>>>> 10.1.5.12" reveals that it tries to send the packet to its default
>>>>> gateway
>>>>> (Internet access router). It is normal because the VPN server does
>>>>> not "know" about the 10.1.5.x subnet, which is on the "other" side
>>>>> of the dial-in machine.
>>>>>
>>>>> Now my question is: how do I add I a route to the 10.1.5.x subnet
>>>>> in the server so that it will route the packets to this
>>>>> destination through the VPN interface ?
>>>>> ------
>>>>> Routing table of the server:
>>>>> ================================================== =========================
>>>>> Active Routes:
>>>>> Network Destination Netmask Gateway Interface
>>>>> Metric 0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.4 20
>>>>> 10.1.6.0 255.255.255.255 127.0.0.1 127.0.0.1 50 10.1.6.1
>>>>> 255.255.255.255 10.1.6.0 10.1.6.0 1
>>>>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
>>>>> 1 192.168.10.0 255.255.255.0 192.168.10.4 192.168.10.4 20
>>>>> 192.168.10.4 255.255.255.255 127.0.0.1
>>>>> 127.0.0.1 20 192.168.10.255 255.255.255.255 192.168.10.4
>>>>> 192.168.10.4 20 224.0.0.0 240.0.0.0 192.168.10.4
>>>>> 192.168.10.4 20 255.255.255.255 255.255.255.255 192.168.10.4
>>>>> 192.168.10.4 1 Default
>>>>> Gateway: 192.168.10.2
>>>>> ================================================== =========================
>>>>> Persistent Routes: None
>>>>>
>>>>> Routing table of the client:
>>>>> ================================================== =========================
>>>>> Active Routes:
>>>>> Network Destination Netmask Gateway Interface
>>>>> Metric 0.0.0.0 0.0.0.0 10.1.5.11 10.1.5.12 20
>>>>> 10.1.5.0 255.255.255.0 10.1.5.12 10.1.5.12 20 10.1.5.12
>>>>> 255.255.255.255 127.0.0.1 127.0.0.1 20
>>>>> 10.1.6.0 255.255.255.255 10.1.6.1 10.1.6.1 1
>>>>> 10.1.6.1 255.255.255.255 127.0.0.1 127.0.0.1 50
>>>>> 10.255.255.255 255.255.255.255 10.1.5.12 10.1.5.12
>>>>> 20 10.255.255.255 255.255.255.255 10.1.6.1 10.1.6.1
>>>>> 50 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
>>>>> 192.168.10.0 255.255.255.0 10.1.6.0 10.1.6.1 1
>>>>> 224.0.0.0 240.0.0.0 10.1.5.12 10.1.5.12 20
>>>>> 224.0.0.0 240.0.0.0 10.1.6.1 10.1.6.1 50
>>>>> 255.255.255.255 255.255.255.255 10.1.5.12
>>>>> 10.1.5.12 1 255.255.255.255 255.255.255.255 10.1.6.1
>>>>> 10.1.6.1 1 Default Gateway: 10.1.5.11
>>>>> ================================================== =========================
>>>>> Persistent Routes:
>>>>> None
>>>>>
>>>>> Thank you !