[vpn-help] Ambiguous Source IP Address with overlapping address pools

Mark Larwill larwill at gmail.com
Mon Jun 13 12:24:14 CDT 2011 

Is anyone able to help now that I've added additional clarification?

On Wed, Jun 1, 2011 at 10:31 AM, Mark Larwill <larwill at gmail.com> wrote:

> Andreas, thanks for your quick answer. Here is a more detailed description
> of the configuration:
>
> The addresses do not directly overlap but they are on the same network
> address space. For example the local interface is a DHCP assigned address
> from the pool 192.168.0.1 -- 192.168.0.100, and the virtual IPs are from the
> pool 192.168.0.101 -- 192.168.0.254. They are on the same 192.168.0.0/24address space but do not directly overlap.
>
> I believe you answered question 3 below. I'd like to know more than just
> whether this works or not, specifically the questions I asked earlier:
>
> 1) Is there a reason why some traffic is tunneled and other traffic is not?
> 2) What is the logic of which source address is used?--Is that an OS
> specific issue or is that specific to the shrew client?
> 3) Is the configuration as described above supported?
> 4) If not can support be added?
>
> There are other VPN clients that support this type of configuration and
> always choose the source IP to be the Virtual IP and tunnel the traffic in
> this case.
>
> On Wed, Jun 1, 2011 at 1:08 AM, <lst_hoe02 at kwsoft.de> wrote:
>
>> Zitat von Mark Larwill <larwill at gmail.com>:
>>
>>
>>  With Windows 7, and Shrew Client 2.1.7 if a user has a DHCP address on
>>> the
>>> same network as the virtual address pool then the source address is not
>>> always the same, some traffic will get tunneled and other traffic won't.
>>> In
>>> the case where the traffic is tunneled the source IP is the Virtual IP,
>>> in
>>> the case where traffic is not tunneled the source IP is the interface's
>>> DHCP
>>> address. In the case where "tunnel all" is set then it seems like the
>>> source
>>> address should always be the virtual IP address.
>>>
>>> Is there a reason why some traffic is tunneled and other traffic is not?
>>> What is the logic of which source address is used? Is that an OS specific
>>> issue or is that specific to the shrew client? Is the configuration as
>>> described above supported? If not can support be added?
>>>
>>
>> Do i understand corretly that you have overlapped address-space between
>> your lokal net and the VPN? This will not work.
>>
>> Regards
>>
>> Andreas
>>
>>
>>
>> _______________________________________________
>> vpn-help mailing list
>> vpn-help at lists.shrew.net
>> http://lists.shrew.net/mailman/listinfo/vpn-help
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110613/3a0fcba3/attachment-0002.html>

More information about the vpn-help mailing list