On Friday, May 24, 2013, 19:59:53, [email protected] wrote: > I would need to have a visible, dedicated NIC for Shrew (even better, one for > each connection). > I then apply static routes in Windows 2003 (or 2008) RRAS to that > NIC. That allows *any* PC on my network to use the connection, once > established, as if it were a VPN routing device.
Shrew already has a virtual NIC (look in Device Manager - you should see Shrew Soft Virtual Adapter there), and you can configure it with the route command (I've got a batch file for one connection which changes the route, since the remote network uses same subnet as my local network, and I only need access to a single IP there). Note that IPSec connections typically don't allow adding routes (the local/remote subnet are part of the Phase 2 negotiation, and must match on both sides for the connection to be established successfully). While I haven't tried this with a roadwarrior connection (the type Shrew establishes), I did have to configure a site-to-site IPSec connection where both sites had multiple subnets, and this required me to configure several Phase 2 entries on both sides to work. -- < Jernej Simončič ><><><><>< http://eternallybored.org/ > The wider any culture is spread, the thinner it gets. -- Law of Raspberry Jam _______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
