[vpn-help] -12 against ipsec-tools 0.6.6

Brian Jones brian at boku.net
Thu Aug 10 15:05:29 CDT 2006 

With your latest client it is still at 30:

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 02 73 77 d0 ...... Intel(R) PRO/Wireless 3945ABG Network
Connection - Packet Scheduler
Miniport
0x10004 ...aa aa aa aa aa 00 ...... Shrew Soft Virtual Adapter - Packet
Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.1.200.254    10.1.200.155       26
          0.0.0.0          0.0.0.0       10.1.202.2      10.1.202.2       30
      10.1.101.26  255.255.255.255     10.1.200.254    10.1.200.155       25
       10.1.200.0    255.255.255.0     10.1.200.155    10.1.200.155       25
     10.1.200.155  255.255.255.255        127.0.0.1       127.0.0.1       25
       10.1.202.0    255.255.255.0       10.1.202.2      10.1.202.2       30
       10.1.202.2  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255     10.1.200.155    10.1.200.155       25
   10.255.255.255  255.255.255.255       10.1.202.2      10.1.202.2       30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        224.0.0.0        240.0.0.0     10.1.200.155    10.1.200.155       25
        224.0.0.0        240.0.0.0       10.1.202.2      10.1.202.2       30
  255.255.255.255  255.255.255.255     10.1.200.155    10.1.200.155       1
  255.255.255.255  255.255.255.255       10.1.202.2      10.1.202.2       1
Default Gateway:      10.1.200.254
===========================================================================
Persistent Routes:
  None 

-----Original Message-----
From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Matthew Grooms
Sent: Thursday, August 10, 2006 2:39 PM
To: Peter Eisch
Cc: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] -12 against ipsec-tools 0.6.6

Peter Eisch wrote:
> It appears to be the same.  The LAN DHCP def gw still lingers with a
metric
> of 21 instead of the 20 before the client fiddles and the VPN def gw route
> still has a metric of 30.
> 

Hmm, I wonder if another software program has set some default metrics 
here. Is the default route that uses a 20 metric for a statically 
addressed adapter? I wonder if DHCP routes are being added as 30, static 
as 20 and the cisco client as 1 ... suspicious ...

> It looks like you tried to slide the DHCP addr down one and insert the
> ISAKMP as one above, but something is still fiddling with it to make it 30
> instead of less than the DHCP addr.
> 
> 

Anyhow, one more time around. I don't know of a way to force windows to 
create a route with a specific metric when handed out via DHCP. Here is 
an updated package that adds the route via another mechanism with an 
explicit cost.

http://www.shrew.net/vpn/vpn-client-1.1-alpha-1.exe

Thanks again for your very astute feedback,

-Matthew
_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help

More information about the vpn-help mailing list