Kevin VPN <kvpn@...> writes: > > On 03/02/2012 05:52 PM, David G. Miller wrote: > > Kevin VPN<kvpn@...> writes: > > > >> > >> On 02/26/2012 12:58 AM, David G. Miller wrote: > >>> Hi List - > >>> > >>> I'm looking into whether there is a way to get the Shrew Soft VPN client > >>> working with Red Hat Enterprise Linux 6.X (or clones such as Scientific > >>> Linux or CentOS). > SNIP > > I finally got a working solution by setting net.ipv4.conf.eth0.rp_filter to > > zero. Unfortunately, this opens a significant security hole. > > Interesting discovery. It could be useful to someone despite the risks, > thanks for noting it. > You're welcome. > > The goal is to have the VPN client on the Internet facing EL6 box that also > > serves as my router and have multiple boxes within my local network be able > > to connect to the VPN through a single client. > > > > I don't have any suggestions for solving the issue specifically on > RHEL6, but someone was trying to do the same thing a little while ago > (one VPN client, client LAN routed through it) and it generated some > discussion. You could try reviving that thread and see what they ended > up doing: > http://lists.shrew.net/pipermail/vpn-help/2012-January/004224.html > I'm pretty sure I can solve the routing issues which is what that thread is mainly about. I was just hoping to get a solution that didn't involve opening any additional rp_filter settings.
Any idea why the client works fine under Fedora 16 but not under EL6? I found out that a number of the dependent libraries changed between EL6 and FC16 by simply trying to install the FC16 rpm on EL6. This goes back to my original question about building a statically linked version with the FC16 libraries. Or do the differences go deeper? Cheers, Dave _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
