On 11/21/2010 5:05 PM, Dick Kniep wrote:
Hi List,
I am trying to setup a VPN using Shrewsoft. The tunnel seems to come up
properly ( no errors), but no traffic passes thru the tunnel. When I use
tcpdump, it seems that the traffic is still going thru eth0 and not thru
tap0. I have edited sysctl for the rp_filter values, and I do get some
errors here, but I don't think it has anything to do with my problem.
sudo sysctl -a | grep rp_filter | grep -v arp
[sudo] password for dick:
error: "Invalid argument" reading key "fs.binfmt_misc.register"
error: "Invalid argument" reading key "dev.parport.parport0.autoprobe"
error: "Invalid argument" reading key "dev.parport.parport0.autoprobe0"
error: "Invalid argument" reading key "dev.parport.parport0.autoprobe1"
error: "Invalid argument" reading key "dev.parport.parport0.autoprobe2"
error: "Invalid argument" reading key "dev.parport.parport0.autoprobe3"
error: permission denied on key 'net.ipv4.route.flush'
error: permission denied on key 'net.ipv6.route.flush'
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.tap0.rp_filter = 0
Can anybody help here?
My guess is that the client doesn't have the correct security policies
installed to match your traffic. I'm not sure what kind of gateway you
use, but only a small portion actually pass this information to the
client automatically. In most cases, you have to add topology entries
under the policy tab in the site configuration. These must match what is
configured on the gateway exactly or there will be issues.
-Matthew
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
