Matthew's solution http://lists.shrew.net/mailman/htdig/vpn-help/2008-November/001827.html is correct, however, for some reason, you may not see success immediately.
I experienced the exact same thing (with ModeConfig and virtual adapter settings only, all other VPN configurations worked as expected) under Ubuntu 10.04 64-bit desktop. If you read RFC1812, you will understand that these settings only affect virtual adapter configs. I set rp_filter=0 in sysctl.conf and sysctl.d/10-network-security-conf, rebooted, and verified the settings, yet it didn't work for me either (at first). You may have to wait for the SA timeouts and try again, or reboot the remote VPN endpoint (firewall/router). Eventually the rp_filter changes did fix the problem, but I have no idea why it did not work at first. _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
