[Vpn-help] Shrew client overrides network device priority list

Matthew Grooms mgrooms at shrew.net
Sat Jul 18 21:53:46 CDT 2009


speaker wrote:
> Hi,
> 
> I just got a little problem which maybe can be solved very easily with
> the correct configuration of the Shrew Soft vpn client:
> 
> In Windows XP the network device priority list can be used to tell e.g.
> games which device to bind to when starting a listening server:
> http://support.microsoft.com/?scid=kb%3Ben-us%3B894564&x=10&y=13
> 
> Since most games do not allow to specify which device to use (bad) the
> one on top of the priority list will be used.
> 
> Using Hamachi I put the corresponding device on top of the list to force
> games to use the Hamachi device for listening. This works without any
> problem until I go online (via vpn) using the Shrew Soft client. The
> client seems to override the priority list and puts the vpn device on
> top. Therefore each game starts listening on the vpn device ip.
> 
> A workaround is to first start the listening server (without any vpn
> connection established) and then connect to the vpn.
> 
> Is there any possibility to prevent overriding the network device
> priority list? Using the windows vpn client just works without any
> problems (pptp) and even the Cisco vpn client works (which I don't want
> to use due to several other bugs/problems with it).
> 
> I bet I'm missing a point with the configuration.
> 
> Thanks in advance for any help.
> 

Hi York,

I don't think it is necessarily related to a network device priority 
list. I think the Shrew Soft Virtual adapter holds the preferred route 
to whatever host your game is attempting to connect to. You could try 
running Wireshark to determine which hosts are of interest for a given 
game, and then add matching Exclude policies in the site configuration. 
But more than likely, this won't work if you use something like Battle 
Net that connects you to a random peer for ad-hoc games.

Do you have control over the gateway? If so, it may be worth switching 
to a split-tunnel policy that only sends traffic through the VPN for a 
fixed network list. That way the virtual adapter doesn't end up holding 
a default route when connected.

Hope this helps,

-Matthew
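
The route-selection behaviour the reply above points to, as an added example that is not part of the original message or of the Shrew Soft code: it applies standard longest-prefix-then-lowest-metric selection to constructed route tables for a full-tunnel, an Exclude-policy and a split-tunnel setup. All networks, metrics and adapter names are assumptions, and the Exclude policy is modelled as a more specific route via the physical adapter.

```python
import ipaddress

def egress_iface(routes, dest):
    """Pick the adapter for dest: longest matching prefix, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(net), metric, iface)
               for net, metric, iface in routes
               if addr in ipaddress.ip_network(net)]
    if not matches:
        return None
    _, _, iface = max(matches, key=lambda m: (m[0].prefixlen, -m[1]))
    return iface

# Constructed route tables: (network, metric, adapter). Values are illustrative.
BASE = [
    ("0.0.0.0/0", 20, "lan"),          # physical adapter default route
    ("192.168.1.0/24", 20, "lan"),
    ("10.99.0.0/16", 20, "overlay"),   # stands in for the Hamachi adapter
]
# Full tunnel: the virtual adapter adds a default route with a better metric.
FULL_TUNNEL = BASE + [("0.0.0.0/0", 1, "vpn")]
# Exclude policy (assumed model): a host route keeps one peer off the tunnel.
WITH_EXCLUDE = FULL_TUNNEL + [("198.51.100.20/32", 20, "lan")]
# Split tunnel: the virtual adapter only carries a fixed network list.
SPLIT_TUNNEL = BASE + [("10.10.0.0/16", 1, "vpn")]

TABLES = {"full": FULL_TUNNEL, "exclude": WITH_EXCLUDE, "split": SPLIT_TUNNEL}

def compare(dest):
    """Return the chosen adapter for dest under each tunnel configuration."""
    return {name: egress_iface(table, dest) for name, table in TABLES.items()}

if __name__ == "__main__":
    # Constructed destinations: random peer, excluded peer, VPN host, overlay host.
    for dest in ("203.0.113.7", "198.51.100.20", "10.10.3.4", "10.99.0.5"):
        print(dest, compare(dest))
```

Only the split-tunnel table leaves an arbitrary peer on the physical adapter; the Exclude entry helps only for hosts known in advance.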


