Several people have asked me to post more detail about the CMD scripts that I wrote to get the Cisco VPN client working on my 64-bit Win 7 machine using Virtual XP.
Basically I have written two scripts. One adds routes to the subnets I need at work and the other deletes them. So – what are routes? Basically they are the directions that computers use to send communications to the right place.
The first thing you need to do is identify what network addresses are in use on your work network. Fortunately the Cisco client makes this fairly easy for you. Once the Cisco VPN client is installed in the virtual XP environment, connect the VPN and then select the Statistics option from the Status menu in the VPN client window. This will list the subnets on your remote network.
I created a text file where each line in the file was a remote subnet and subnet mask, separated by a semicolon. For example, if your remote network used three networks (192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24), then your text file would look like this:
192.168.1.0;255.255.255.0
192.168.2.0;255.255.255.0
192.168.3.0;255.255.255.0
Save this text file to your hard drive. I saved mine in c:\utils\addroutes.txt
In a nutshell, when I am connected to the VPN I run the AddRoutes.cmd script, which tells the Windows 7 machine which traffic is intended for my work network. In the example above, it needs to send any traffic for those three networks to the loopback adaptor of the host, as discussed in my previous post.
Here is what is in the AddRoutes.cmd script:
@Echo Off
Set GW=192.168.233.1
Echo Setting Up Routes:
for /F "delims=; tokens=1-2" %%i in (c:\utils\vpnroutes.txt) Do route add %%i Mask %%j %GW% metric 1 >NUL
Echo Done!
(note that “for” through to NUL is all one line)
What does this do? The first line tells the script not to show the commands as it runs them.
The next line creates a variable called GW and sets it to the IP Address of the loopback adaptor.
The third line just provides some visual feedback and tells you that it is about to add the routes.
Line 4 is the workhorse. I’m not going to go into the nuts and bolts of the “for” command, but it is very powerful. If you want to know more, you can type “for /?” at the command line. In a nutshell what line 4 says is:
In C:\utils\vpnroutes.txt each line is a list of values separated by semicolons. For each line run the following command with the first two values:
route add Value1 mask Value2 GW
Where GW is the address of the gateway we set in line 2.
That’s it – you are online and know how to talk to your VPN network.
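The scripts send route's output to NUL, so a mistyped line in the routes file is easy to miss. The check below is an added example, not part of the original post: it parses the same subnet;mask format in Python, reports lines that are malformed or are not a valid network/mask pair, and builds the commands the script would run. The function names and the sample data are made up for illustration; the gateway is the one used above.

```python
import ipaddress

# Constructed sample in the page's "subnet;mask" format.
# The last three lines are deliberately bad.
SAMPLE = """\
192.168.1.0;255.255.255.0
192.168.2.0;255.255.255.0
192.168.3.7;255.255.255.0
192.168.4.0;255.0.255.0
192.168.5.0
"""

def parse_routes(text):
    """Return (routes, errors); routes are IPv4Network, errors are (line, reason)."""
    routes, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue  # blank lines carry no route
        fields = [f.strip() for f in line.split(";")]
        if len(fields) < 2 or not fields[0] or not fields[1]:
            errors.append((lineno, "expected subnet;mask"))
            continue
        try:
            # strict=True rejects a subnet with host bits set (e.g. .7 with a /24
            # mask); ipaddress itself rejects masks that mix zeroes and ones.
            net = ipaddress.IPv4Network(f"{fields[0]}/{fields[1]}", strict=True)
        except ValueError as exc:
            errors.append((lineno, str(exc)))
            continue
        # ipaddress also accepts prefix lengths and host masks; require the
        # dotted netmask form that the page's file uses.
        if str(net.netmask) != fields[1]:
            errors.append((lineno, "mask is not a dotted netmask"))
            continue
        routes.append(net)
    return routes, errors

def route_commands(routes, gateway):
    """Build the route add command lines for validated routes."""
    ipaddress.IPv4Address(gateway)  # raises ValueError on a malformed gateway
    return [f"route add {n.network_address} mask {n.netmask} {gateway} metric 1"
            for n in routes]

if __name__ == "__main__":
    good, bad = parse_routes(SAMPLE)
    print("\n".join(route_commands(good, "192.168.233.1")))
    for lineno, reason in bad:
        print(f"line {lineno}: {reason}")
```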
Now when you disconnect you don’t need those routes anymore, and if you leave them there they may cause issues. So DeleteRoutes.cmd removes them again.
Here is what is in DelRoutes.cmd:
@Echo Off
Echo Deleting Routes...
for /F "delims=; tokens=1" %%i in (c:\utils\vpnroutes.txt) Do route delete %%i>NUL
Echo Done!
This is very similar to the first script – for each line in the vpnroutes.txt file it runs a command to remove the route again.
There is one last thing you may need to make everything work as expected and that is name resolution. This one is easy to fix. If you know the address of your DNS server on your remote network add it as the DNS server on the properties of the loopback adaptor. This won’t cause any issues if you leave it there full time.
Hope that helps everyone. I will admit it is a bit of a nasty work around but it does work.