[vpn-help] VPN Tunnel connection Established, but cannot ssh.
Jinyan Huang
jhuang at hsph.harvard.edu
Mon Dec 17 09:40:02 CST 2012
Matthew,
Thank you.
When I use the same shrew software and same computer, the VPN Tunnel
connection can be Established at home and my office. But I can only
ssh at home, not in office. This is strange to me.
On Mon, Dec 17, 2012 at 12:04 AM, Matthew Grooms <mgrooms at shrew.net> wrote:
> On 12/13/2012 9:52 PM, Kevin VPN wrote:
>> On 12/11/2012 11:56 AM, Jinyan Huang wrote:
>>> Dear Kevin,
>>>
>>> I am now using Shrew VPN on mac. The VPN Tunnel connection is
>>> Established, but cannot ssh. The log file is in the attachment. Do you
>>> have any suggestions? Thank you very much.
>>>
>>> Shrew version: 2.2.0
>>> Mac version: 10.7.5
>>>
>>
>> Hi Jinyan,
>>
>> I haven't been working with Shrew on Macs recently, so I'm not sure how
>> much help I can be. For instance, I can't even remember if there's a
>> Trace Utility for the Mac client. :(
>>
>> I looked through the iked.log quickly. All the usual things look ok:
>> the VPN client IP address (10.2.2.0/24) does not overlap with the
>> protected network (10.10.0.0/16), the policies get installed correctly,
>> and the phase2 security association (sa) is established.
>>
>> Are you able to access the DNS server at 10.10.2.16?
>>
>
> Jinyan and Kevin,
>
> DNS is not being configured correctly by the VPN Client. OSX versions
> 10.6 and later do not rely on the resolv.conf file. Instead they use a
> registry like system that you write information into. Unfortunately it's
> not very well documented. In any case, if the tunnel is working, you
> should be able to resolve host names to IP addresses using dig or
> nslookup ( still read resolv.conf ), but anything that uses the system
> resolver will fail to use the correct name servers. I'm in the process
> of adding support for the new resolver configuration.
>
> -Matthew
More information about the vpn-help
mailing list