Hi Kevin at 15.09.2011 03:22, Kevin VPN wrote: > On 09/14/2011 10:58 AM, Erich Titl wrote: >> Hi Kevin >> >> at 14.09.2011 03:57, Kevin VPN wrote: >>> >>> Hi Erich, >>> >>> Based on the source and destination of the plaintext traffic being >>> private addresses, obviously it's possible to reach from the Shrew >>> client PC to the remote network in some path other than the tunnel. >>> Perhaps that path (route) has a lower metric than the VPN route, and is >>> thus used instead of the tunnel route. >> >> Right, the default route, unfortunately, has a metric of 25, whereas the >> Shrewsoft tunnel uses a metric of 31. Can this be configured in the >> product. >> > ...
> > I would suggest reading the posts below and playing with your adapter's > Automatic Metric and InterfaceMetric settings to see if you can correct > the problem. Thanks, in the real world, where the remote network cannot be reached directly, my setup works fine. I always thought that routing metrics were applied to rules with equal significance, so a default route should not be used when there is a more precise route iven with higher metrics. The route in this case is assigned dynamically using dhcp. AFAIK there is no dhcp router metrics option. Maybe in a directly connected setup icmp redirects take precedents. Thanks Erich
smime.p7s
Description: S/MIME Kryptografische Unterschrift
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
