[vpn-help] connect-status of Shrew
Gerd Röthig
gerd.roethig at gmail.com
Fri Dec 6 05:01:35 CST 2013
Hello Kevin, hello all,
I just set up my networks in the Policy tab. However, after successfully
establishing the VPN connection, I cannot reach any of the servers in those
networks. The route print command does not show any routes configured for
the networks in question.
Perhaps it has something to do with the networks being private (
10.0.0.0/255.0.0.0 and 172.16.0.0/255.240.0.0). However, if I leave the
Policy setting at "Obtain Topology Automatically or Tunnel All" and set the
routes after connection manually, everything works as expected.
If I recall correctly, "Maintain Persistent Security Associations" used to
work as expected in version 2.1.7 of the client, despite of the networks
being private.
Kind regards,
Gerd
2013/12/3 Kevin VPN <kvpn at live.com>
> On 10/23/2013 05:11 AM, Gerd Röthig wrote:
>
>>
>> If you happen to have a configuration which enables the VPN tunnel for
>> specified networks only (see the "Policy" tab in your connection's
>> properties), this is not working anymore in Shrew Soft VPN Client version
>> 2.2.2 and above.
>> You will have to change this setting to "Obtain topology automatically or
>> tunnel all" and then adjust the routing manually using a script if
>> required. A suggestion for such a split-tunnel script is also included in
>> the discussion thread "Unable to access external sites while VPN is
>> connected".
>>
>>
> Hi Gerd,
>
> My VPN connection using 2.2.2 is configured to only enable the tunnel for
> two networks (e.g. split tunnel) and it works fine. What makes you think
> this functionality is broken in 2.2.2?
>
> If it is broken or not operating correctly, we should figure out why and
> submit a bug report - this would be a big problem imo.
>
> Advertising changing the routing table after connect is not a good idea. I
> would think that organizations that implement full-tunnel would not
> appreciate users learning that they can break out of the security
> restriction that way.
>
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net
> https://lists.shrew.net/mailman/listinfo/vpn-help
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20131206/a785a570/attachment.html>
More information about the vpn-help
mailing list