[vpn-help] virtual adapter routing broken on Ubuntu 10.04??

Matthew Grooms mgrooms at shrew.net
Thu Jul 15 00:07:50 CDT 2010


On 7/11/2010 9:09 PM, r hayman wrote:
> So, I've got two absolutely identical machines - I mean absolutely
> identical hardware.  One runs Windows 7 64-bit and one runs Ubuntu 10.04
> 64 bit desktop.
>
> In all cases, the ShrewSoft configurations are the same between the
> Windows and the Ubuntu machines.
>
> I can run ShrewSoft 2.1.5 (via the Ubuntu package manager) and establish
> a Mutual PSK+XAuth VPN connection using both a non-ModeConfig and
> ModeConfig configuration.
>
> I can also run ShrewSoft 2.1.5 (via download from ShrewSoft.com) on
> Windows 7 64-bit and establish a Mutual PSK+XAuth VPN connection using
> both a non-ModeConfig and ModeConfig configuration.
>
> The non-ModeConfig connections use the 'existing adapter and current
> address' whereas the ModeConfig connections use the 'virtual adapter and
> assigned address'.
>
> Here's the kicker that's got me wondering if Ubuntu 10.04 has a routing
> bug:
>
> In all instances of VPN connections *except* the Ubuntu 10.04 ShrewSoft
> ModeConfig connection, everything works flawlessly as expected.  Only
> with the Ubuntu 10.04 ShrewSoft ModeConfig connection I cannot ping
> hosts on the remote end of the VPN, nor can I see any host on the remote
> end.
>
> The routing tables look good to me (netstat -r and route output), the
> Virtual Adapter (tap0) establishes the expected (non-overlapping) IP
> address, yet, the only instance of improper (or non-existant) routing
> occur with virtual adapters on Ubuntu 10.04.
>
> Under Ubuntu 10.04, when I ping the remote end of the VPN connection,
> the tap0 adapter does not register any traffic, but the eth0 adapter
> does.  This leads me to believe Ubuntu 10.04 has a routing issue with
> virtual adapters.
>
> Does it matter that I'm using Netgear VPN firewalls?  I don't think so,
> since the Windows 7 works fine using the non-ModeConfig and the
> ModeConfig settings, and the Ubuntu 10.04 box works fine using the
> non-ModeConfig settings.
>
> I could supply all the various permutations of logs and configurations
> that I've tried, but the fact that I can establish connectivity in all
> instances leads me to believe the problem is *not* with my ShrewSoft
> configurations and/or VPN connections.
>
> Here's the bottom line:
> Windows7 ->  FVS114 ->  FVS336G ->  remote host
> in either 'Mutual PSK + XAuth' non-ModeConfig or ModeConfig settings,
> after establishing the VPN, the Windows7 machine can ping the remote
> host and see hosts on the remote LAN
>
> Ubuntu10.04 ->  FVS114 ->  FVS336G ->  remote host
> in 'Mutual PSK + XAuth' non-ModeConfig setting, after establishing the
> VPN, the Ubuntu machine can ping the remote host and see hosts on the
> remote LAN
> in 'Mutual PSK + XAuth' ModeConfig setting, after establishing the VPN,
> the Ubuntu machine cannot ping the remote host, nor can it see anything
> on the remote LAN.
>
> Thoughts anybody?
>

Yes.

http://lists.shrew.net/mailman/htdig/vpn-help/2008-November/001827.html

-Matthew



More information about the vpn-help mailing list