On 8/21/2010 1:49 PM, Em Cielo wrote:
Good day.
Hi Em,
I would like to know if anybody could be able to help me with my issue. I downloaded the latest client and installed it. I had several issues with the drivers not being signed but I was able to work around that.
Are you using 2.1.6? It was released a few days ago and has singed drivers for all supported Windows platforms.
System specs, Windows 7 Ultimate 64bit, 3gb ram, 1.5mbps adsl line, router configured for IPSec passthough. I am accessing vpn gateway so I could connect to our citrix servers. Now after importing the vpn settings to the access manager, first attempt to connect to the vpn was a no brainer. I was able to connect was able to access the citrix servers and was able to load citrix desktop. when I tried to use the local internet I can't load any pages. I could ping my router, i could ping and access other local computers but my internet access is broke. I know my data is being tunneled through the vpn but is there a way to prevent this from happening so I could still access the internet on my local computer? I looked at the last portion of the configuration and there was a setting there for automatically detect network topology or tunnel all was checked. I thought this might be the solution. so I unchecked that one and created settings that would include the vpn subnet but exclude the local subnet. tried several other configuration but I can't just seem to connect to the internet locally. I tried to use my corporate proxy and it works but it is too restricted. I realized that if i put my coporate proxy i can access the internet it means that any data that goes out to the internet passes through the tunnel. Is there a work around for this so that I could still use my local internet access? All the help would be appreciated! Thanks!
What you are describing is called a split tunnel. For this to work correctly, the client must know the topology of the network on the far side of the VPN tunnel. Otherwise, it doesn't know which traffic to send via the tunnel and which traffic to send the the local default gateway. If your gateway doesn't provide the information automatically, your only option is to uncheck 'Obtain Topology Automatically' and then add all the networks manually using 'include'. This tells the client to only send traffic across the tunnel when the destination matches an 'include' network definition. However, it also means the client will negotiate separate SA's for each policy by default ( unless this is a cisco gateway ). One way to work around this is to set the Policy generation level to 'shared' which will negotiate SAs as if it were sending all traffic via the tunnel. For more information, please read this page of the client documentation ...
http://www.shrew.net/static/help-2.1.x/files/PolicySettings.html0 -Matthew _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
