On 12/23/2012 04:46 AM, Emre Erenoglu wrote:
Thanks, I'll check how I can do it, it seems there's include & exclude
stuff, so I guess I will exclude the vpn gateway and include all rest
0.0.0.0.
Maybe I shall send an email to the VPN mailing list, this is not a normal
behavior.
Btw, my dns seemed to be working OK on Ubuntu 12.10 when vpn was connected,
what would we need your patch for?
On Sun, Dec 23, 2012 at 1:33 PM, Andrew Timonin <[email protected]> wrote:
On Fri, 21 Dec 2012 01:37:41 +0400, Emre Erenoglu <[email protected]> wrote:
Hi Andrew,
It seems I found the solution. When shrew connects, I can see in the route
table that it does not add a specific route to the VPN server to go through
my home router. There's just the default route, which is now the VPN internal
IP & tap0 interface.
So, since packets destined to the vpn server can't go through, the VPN fails.
When I added the manual route to the vpn server, then it started working.
But this shall not be like this, it shall normally add the specific route
to the vpn host when changing the default route, have you seen
any behavior like this?
Yes! I just have forgotten this!
If I used default settings I had a default route to VPN (it was set by VPN
GW on other end), so I had to set specific routes in Shrew VPN in
Policy -> External network resources.
For situations where the gateway IP address was part of the protected
network, there was code in Shrew (maybe introduced in 2.1.7?) that made
Shrew smart enough to not tunnel traffic destined for the gateway. I'm
fairly sure this was done via an extra route entry.
What version of Shrew are you guys using?
_______________________________________________
vpn-help mailing list
[email protected]
https://lists.shrew.net/mailman/listinfo/vpn-help