[vpn-help] Making all connections go through VPN

Kevin VPN kvpn at live.com
Sun Jan 15 20:51:44 CST 2012


On 01/12/2012 10:56 PM, Will Kalman wrote:
> Thank you for the reply, Kevin!
>
> I followed the Netgear How-To on the shrew.net site
> (http://www.shrew.net/support/wiki/HowtoNetgear) to set this VPN up (thanks
> for that!).
>
> Is there a suggested change to those instructions you can suggest to enable
> full tunneling?  The only setting that I can see that might make a
> difference is in the "Traffic Tunnel Security Level" where the local network
> and it's subnet mask are set, but I can't find enough information about
> those settings to be sure that they do what I want.
>
> --Will
>
> -----Original Message-----
> From: vpn-help-bounces at lists.shrew.net
> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Kevin VPN
> Sent: Tuesday, January 03, 2012 7:41 PM
> To: vpn-help at lists.shrew.net
> Subject: Re: [vpn-help] Making all connections go through VPN
>
> On 12/17/2011 12:58 AM, Will Kalman wrote:
>> I have my Netgear FVS-318G VPN endpoint router VPN working great with
>> ShrewSoft VPN client but I notice that it does split-tunneling where
>> connections to my inside network go through the tunnel as expected,
>> but requests to the "internet-at-large" go directly out the client
>> machine's internet connection.  Aside from secure access to my home
>> network (typically, I'm accessing the SVN server and file shares on my
>> Qnap NAS), which is working great, one of my goals was to route all my
>> internet connections through my home network for added security at
>> public wi-fi spots to eliminate snooping of email passwords, etc.
>>
>> Has anyone gotten this to work as I'm looking to do?  Client OS is Win7.
>>
>
> Hi Will,
>
> What is tunnelled or not is dependent on the setting on the Policy tab of
> the Shrew site configuration and also on the configuration of the VPN
> gateway.
>
> By default, a new site configuration is set to "Obtain Topology
> Automatically or Tunnel All."  This means that when you connect to the VPN
> gateway, the Shrew client will accept from the gateway a configuration that
> specifies what destinations to tunnel. If it fails to receive a list of
> destinations to tunnel, then Shrew will try to tunnel all traffic.
>
> Assuming you've not modified the default Policy configuration, then I would
> suggest that your gateway is providing Shrew with only the ip range for your
> inside network as a tunnel destination.  To correct this you'll need to
> change the configuration of the Netgear.

Hi Will,

I've not configured a Netgear device myself, but looking the screenshots 
on the HowTo, you could try changing the Local IP Address and Local 
Subnet Netmask to include all IPs in the Traffic Tunnel Security Level 
section:

Local IP Address = 0.0.0.0
Local Subnet Netmask = 0.0.0.0



More information about the vpn-help mailing list