Thursday, March 26, 2020

This... shouldn't work.

Sysadmin for a 1000 user multi-site corp here. I've been trying to figure out why random users have been having difficulty maintaining a solid connection to VPN recently. I was chalking it up to congestion due to the higher remote usage lately. For reference, we have a Pulse Secure PSA cluster using split tunneling on our VPN because we don't have a huge pipe. Client routes take precedence over tunnel routes. My own connection was having the same issues. One day it would be rock solid for 10-12 hours, the next day I'd maintain a connection, but could only reach internal hosts for 10-20 seconds, then I'd just get timeouts. Disconnect, reconnect, same thing. Today I had a continuous ping running to my corporate gateway (192.168.0.1) and was getting the expected timeouts. Then I disconnected the VPN, and I started getting responses....

Ok, wtf. I don't have that subnet anywhere on my home network.

tracert 192.168.0.1:

Tracing route to 192.168.0.1 over a maximum of 30 hops 1 <1 ms <1 ms <1 ms pfSense.redacted.net [192.168.1.1] 2 4 ms 3 ms 3 ms 192.168.0.1 Trace complete. 

Dafuq...

Traceroute from the router (UDP):

1 * * * 2 B3302.BLTMMD-LCR-22.verizon-gni.net (100.41.222.84) 10.542 ms B3302.BLTMMD-LCR-21.verizon-gni.net (100.41.222.82) 5.054 ms B3302.BLTMMD-LCR-22.verizon-gni.net (100.41.222.84) 6.779 ms 3 * * * 4 * * * 5 HundredGigE1-9-0-0.BSTNMA-LCR-21.verizon-gni.NET (140.222.236.11) 20.813 ms Bundle-Ether1000.BSTNMA-LCR-21.verizon-gni.NET (140.222.229.47) 19.213 ms HundredGigE1-9-0-2.BSTNMA-LCR-21.verizon-gni.NET (140.222.237.31) 16.929 ms 6 192.168.0.1 (192.168.0.1) 17.708 ms 16.380 ms 15.325 ms 

Help me out here. Why am I getting a response from a 1918 address after six hops over the internet?



No comments:

Post a Comment