[vpn-help] connect-status of Shrew

Ankur Vyavaharkar AVyavaharkar at spark.net
Mon Dec 2 21:58:26 CST 2013

We had the similar issue on our netscreen but it was resolved by creating a MIP from trust to untrust Zone.
From: vpn-help [vpn-help-bounces at lists.shrew.net] On Behalf Of Kevin VPN [kvpn at live.com]
Sent: Monday, December 02, 2013 7:54 PM
To: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] connect-status of Shrew

On 10/23/2013 05:11 AM, Gerd Röthig wrote:
> If you happen to have a configuration which enables the VPN tunnel for
> specified networks only (see the "Policy" tab in your connection's
> properties), this is not working anymore in Shrew Soft VPN Client version
> 2.2.2 and above.
> You will have to change this setting to "Obtain topology automatically or
> tunnel all" and then adjust the routing manually using a script if
> required. A suggestion for such a split-tunnel script is also included in
> the discussion thread "Unable to access external sites while VPN is
> connected".

Hi Gerd,

My VPN connection using 2.2.2 is configured to only enable the tunnel
for two networks (e.g. split tunnel) and it works fine.  What makes you
think this functionality is broken in 2.2.2?

If it is broken or not operating correctly, we should figure out why and
submit a bug report - this would be a big problem imo.

Advertising changing the routing table after connect is not a good idea.
I would think that organizations that implement full-tunnel would not
appreciate users learning that they can break out of the security
restriction that way.

vpn-help mailing list
vpn-help at lists.shrew.net

More information about the vpn-help mailing list