[vpn-help] connect-status of Shrew
Ankur Vyavaharkar
AVyavaharkar at spark.net
Mon Dec 2 21:58:26 CST 2013
We had the similar issue on our netscreen but it was resolved by creating a MIP from trust to untrust Zone.
________________________________________
From: vpn-help [vpn-help-bounces at lists.shrew.net] On Behalf Of Kevin VPN [kvpn at live.com]
Sent: Monday, December 02, 2013 7:54 PM
To: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] connect-status of Shrew
On 10/23/2013 05:11 AM, Gerd Röthig wrote:
>
> If you happen to have a configuration which enables the VPN tunnel for
> specified networks only (see the "Policy" tab in your connection's
> properties), this is not working anymore in Shrew Soft VPN Client version
> 2.2.2 and above.
> You will have to change this setting to "Obtain topology automatically or
> tunnel all" and then adjust the routing manually using a script if
> required. A suggestion for such a split-tunnel script is also included in
> the discussion thread "Unable to access external sites while VPN is
> connected".
>
Hi Gerd,
My VPN connection using 2.2.2 is configured to only enable the tunnel
for two networks (e.g. split tunnel) and it works fine. What makes you
think this functionality is broken in 2.2.2?
If it is broken or not operating correctly, we should figure out why and
submit a bug report - this would be a big problem imo.
Advertising changing the routing table after connect is not a good idea.
I would think that organizations that implement full-tunnel would not
appreciate users learning that they can break out of the security
restriction that way.
_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
https://lists.shrew.net/mailman/listinfo/vpn-help
More information about the vpn-help
mailing list