[vpn-help] Connecting via ShrewSoft VPN client means no LAN internet access (Windows 7 64 bit) - any advice please?
Daniel Humphreys
dan_humphreys at yahoo.co.uk
Wed Apr 27 07:03:01 CDT 2011
Hi all,
I have a Windows 7 64 bit desktop machine which is connected to a LAN.
I recently installed ShrewSoft VPN client v 2.1.7 on my machine so
that I can connect to a license server hosted by my customer. They are
running a Cisco VPN server and I originally tried (unsuccessfully!) to
use the Cisco VPN client for Windows 64 bit but the default gateway
wasn't being configured correctly after loading in my pcf file. Using
ShrewSoft I am able to import the same pcf file, and successfully
connect to the machine I need to using the VPN client software. The
client machine I need to connect to has IP address 1.52.90.33.
The problem is that when I am connected to the customer network using the VPN client application (and after a few minutes) I lose my internet and LAN connection. I can only presume that this is because, by
default the ShrewSoft VPN client application automatically tunnels all
traffic through the VPN connection. I know there is an option to switch off the "Tunnel All" option on the Policy tab of the application and
enter a Remote Network Resource (to "Include" or "Exclude") as "Address" and "Netmask" IP addresses however I am not sure what I need to enter
here.
Here is my ipconfig output before connecting to the VPN (with suffixes blanked out):
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : ***.***
Link-local IPv6 Address . . . . . : fe80::8de3:9dbe:393a:33ba%11
IPv4 Address. . . . . . . . . . . : 150.237.13.17
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 150.237.13.1
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . : ***.***
IPv6 Address. . . . . . . . . . . : 2002:96ed:d11::96ed:d11
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
Tunnel adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2cf9:38c4:6912:f2ee
Link-local IPv6 Address . . . . . : fe80::2cf9:38c4:6912:f2ee%12
Default Gateway . . . . . . . . . :
Tunnel adapter isatap.***.***:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ***.***
Here is my route print output before connecting to the VPN:
===========================================================================
Interface List
11...20 cf 30 9d ec 2a ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethern
et NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 150.237.13.1 150.237.13.17 2
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
150.237.13.0 255.255.255.0 On-link 150.237.13.17 257
150.237.13.17 255.255.255.255 On-link 150.237.13.17 257
150.237.13.255 255.255.255.255 On-link 150.237.13.17 257
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 150.237.13.17 257
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 150.237.13.17 257
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 1140 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:2cf9:38c4:6912:f2ee/128
On-link
14 1040 2002::/16 On-link
14 296 2002:96ed:d11::96ed:d11/128
On-link
11 286 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::2cf9:38c4:6912:f2ee/128
On-link
11 286 fe80::8de3:9dbe:393a:33ba/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Here is my ipconfig output after connecting to the VPN (with suffixes blanked out):
Windows IP Configuration
Ethernet adapter Local Area Connection* 18:
Connection-specific DNS Suffix . : cpuk.local
Link-local IPv6 Address . . . . . : fe80::b862:8a04:2a87:8cb8%26
IPv4 Address. . . . . . . . . . . : 192.168.128.92
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . . . . : 0.0.0.0
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : ***.***
Link-local IPv6 Address . . . . . : fe80::8de3:9dbe:393a:33ba%11
IPv4 Address. . . . . . . . . . . : 150.237.13.17
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 150.237.13.1
Tunnel adapter isatap.cpuk.local:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . : ***.***
IPv6 Address. . . . . . . . . . . : 2002:96ed:d11::96ed:d11
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
Tunnel adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:2849:2e70:3f57:7fa3
Link-local IPv6 Address . . . . . : fe80::2849:2e70:3f57:7fa3%12
Default Gateway . . . . . . . . . :
Tunnel adapter isatap.***.***:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ***.***
Here is my route print output after connecting to the VPN:
===========================================================================
Interface List
26...aa aa aa ac bf 00 ......Shrew Soft Virtual Adapter
11...20 cf 30 9d ec 2a ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethern
et NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 150.237.13.1 150.237.13.17 102
0.0.0.0 0.0.0.0 On-link 192.168.128.92 31
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
150.237.13.0 255.255.255.0 On-link 150.237.13.17 257
150.237.13.1 255.255.255.255 On-link 150.237.13.17 2
150.237.13.17 255.255.255.255 On-link 150.237.13.17 257
150.237.13.255 255.255.255.255 On-link 150.237.13.17 257
192.168.128.0 255.255.254.0 On-link 192.168.128.92 286
192.168.128.92 255.255.255.255 On-link 192.168.128.92 286
192.168.129.255 255.255.255.255 On-link 192.168.128.92 286
213.249.130.194 255.255.255.255 150.237.13.1 150.237.13.17 2
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 150.237.13.17 257
224.0.0.0 240.0.0.0 On-link 192.168.128.92 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 150.237.13.17 257
255.255.255.255 255.255.255.255 On-link 192.168.128.92 286
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 1140 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:2849:2e70:3f57:7fa3/128
On-link
14 1040 2002::/16 On-link
14 296 2002:96ed:d11::96ed:d11/128
On-link
11 286 fe80::/64 On-link
26 286 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::2849:2e70:3f57:7fa3/128
On-link
11 286 fe80::8de3:9dbe:393a:33ba/128
On-link
26 286 fe80::b862:8a04:2a87:8cb8/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 286 ff00::/8 On-link
26 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Is the problem because I have a second default network destination
0.0.0.0? What do I need to do to limit the VPN traffic to accessing
machine 1.52.90.33 on my customers network?
Many thanks and hope to hear from someone soon!
Dan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110427/120a74ff/attachment-0001.html>
More information about the vpn-help
mailing list