On 01/12/2012 10:56 PM, Will Kalman wrote:
Thank you for the reply, Kevin!
I followed the Netgear How-To on the shrew.net site
(http://www.shrew.net/support/wiki/HowtoNetgear) to set this VPN up (thanks
for that!).
Is there a suggested change to those instructions you can suggest to enable
full tunneling? The only setting that I can see that might make a
difference is in the "Traffic Tunnel Security Level" where the local network
and it's subnet mask are set, but I can't find enough information about
those settings to be sure that they do what I want.
--Will
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Kevin VPN
Sent: Tuesday, January 03, 2012 7:41 PM
To: [email protected]
Subject: Re: [vpn-help] Making all connections go through VPN
On 12/17/2011 12:58 AM, Will Kalman wrote:
I have my Netgear FVS-318G VPN endpoint router VPN working great with
ShrewSoft VPN client but I notice that it does split-tunneling where
connections to my inside network go through the tunnel as expected,
but requests to the "internet-at-large" go directly out the client
machine's internet connection. Aside from secure access to my home
network (typically, I'm accessing the SVN server and file shares on my
Qnap NAS), which is working great, one of my goals was to route all my
internet connections through my home network for added security at
public wi-fi spots to eliminate snooping of email passwords, etc.
Has anyone gotten this to work as I'm looking to do? Client OS is Win7.
Hi Will,
What is tunnelled or not is dependent on the setting on the Policy tab of
the Shrew site configuration and also on the configuration of the VPN
gateway.
By default, a new site configuration is set to "Obtain Topology
Automatically or Tunnel All." This means that when you connect to the VPN
gateway, the Shrew client will accept from the gateway a configuration that
specifies what destinations to tunnel. If it fails to receive a list of
destinations to tunnel, then Shrew will try to tunnel all traffic.
Assuming you've not modified the default Policy configuration, then I would
suggest that your gateway is providing Shrew with only the ip range for your
inside network as a tunnel destination. To correct this you'll need to
change the configuration of the Netgear.
Hi Will,
I've not configured a Netgear device myself, but looking the screenshots
on the HowTo, you could try changing the Local IP Address and Local
Subnet Netmask to include all IPs in the Traffic Tunnel Security Level
section:
Local IP Address = 0.0.0.0
Local Subnet Netmask = 0.0.0.0
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
