[vpn-help] Making all connections go through VPN

Will Kalman wbk at kalman.org
Thu Jan 12 21:56:30 CST 2012


Thank you for the reply, Kevin!

I followed the Netgear How-To on the shrew.net site
(http://www.shrew.net/support/wiki/HowtoNetgear) to set this VPN up (thanks
for that!).

Is there a suggested change to those instructions you can suggest to enable
full tunneling?  The only setting that I can see that might make a
difference is in the "Traffic Tunnel Security Level" where the local network
and it's subnet mask are set, but I can't find enough information about
those settings to be sure that they do what I want.

--Will

-----Original Message-----
From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Kevin VPN
Sent: Tuesday, January 03, 2012 7:41 PM
To: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] Making all connections go through VPN

On 12/17/2011 12:58 AM, Will Kalman wrote:
> I have my Netgear FVS-318G VPN endpoint router VPN working great with 
> ShrewSoft VPN client but I notice that it does split-tunneling where 
> connections to my inside network go through the tunnel as expected, 
> but requests to the "internet-at-large" go directly out the client 
> machine's internet connection.  Aside from secure access to my home 
> network (typically, I'm accessing the SVN server and file shares on my 
> Qnap NAS), which is working great, one of my goals was to route all my 
> internet connections through my home network for added security at 
> public wi-fi spots to eliminate snooping of email passwords, etc.
>
> Has anyone gotten this to work as I'm looking to do?  Client OS is Win7.
>

Hi Will,

What is tunnelled or not is dependent on the setting on the Policy tab of
the Shrew site configuration and also on the configuration of the VPN
gateway.

By default, a new site configuration is set to "Obtain Topology
Automatically or Tunnel All."  This means that when you connect to the VPN
gateway, the Shrew client will accept from the gateway a configuration that
specifies what destinations to tunnel. If it fails to receive a list of
destinations to tunnel, then Shrew will try to tunnel all traffic.

Assuming you've not modified the default Policy configuration, then I would
suggest that your gateway is providing Shrew with only the ip range for your
inside network as a tunnel destination.  To correct this you'll need to
change the configuration of the Netgear.
_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help




More information about the vpn-help mailing list