From: mike-newsgroup@-DELETETHISPART-.upcraft.com   
      
   Mark Alexander Bertenshaw wrote:   
   > Hi -   
   >   
   > My network is acessible by via a VPN tunnel via Netscreen Remote 8.3 to a   
   > Netscreen 5GT.  The trust interface is 192.168.0.1.  Connections to   
   > 192.168.0.0/24 hosts from my users' remote PCs work fine.  However, we have   
   > a 10.0.0.0/24 network whose gateway is at 192.168.0.2.  Unfortunately, there   
   > seems to be no way to tell Windows 2000 to route packets to 10.0.0.0/24 via   
   > 192.168.0.1, because the "deterministic network enhancer" which is used by   
   > the Netscreen Remote software is under the radar of basic Windows 2000   
   > TCP/IP.  That is, "route ADD 10.0.0.0 MASK 255.255.255.0 192.168.0.2 METRIC   
   > 1 IF 0x2" does not work, because not unreasonably, there is no official   
   > route to the 192.168.0.0/24 subnet.   
   >   
   > Does anybody know whether it is possible to hack this so 10.0.0.0/24 packets   
   > are sent down the invisible VPN interface?  Looking at the Netscreen Remote   
   > software, there doesn't appear to be any way to add this, short of creating   
   > a completely separate tunnel for this interface (I imagine that I would have   
   > to bind a 10.0.0.x address to a new VPN gateway, somehow).   
   >   
   > Any ideas?   
   >   
   > --   
   > Mark Bertenshaw   
   > Kingston upon Thames   
   > UK   
      
   You need to add another subnet to the existing tunnel or if your user   
   interface only allows a single local and a single remote subnet when   
   defining a tunnel then you will need to create a second tunnel to the   
   same endpoint.   
      
      
   --   
   WARNING!  Email address has been altered for spam resistance.   
   Please remove the -deletethispart-. section before replying directly.   
   Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)