[Openswan Users] Accessing Internet from Win/XP during VPN
paul at xelerance.com
Fri Apr 7 23:12:28 CEST 2006
On Fri, 7 Apr 2006, Christian Brechbühler wrote:
> Some clients are WindowsXP service pack 2. Those have trouble.
> I witnessed myself that while the VPN connection was established, Outlook
> Express did not work. I seemed able to access the Internet otherwise (e.g.,
> HTTP to Google).
> My users complain that their mail doesn't work and they cannot reach the
> Internet at all while connected (DNS (10.0.0.52) resolves www.google.com,
> but that's it). They can reach machines on the 10.0.0.X subnet only.
Is there a mismatch between your VPN server and your endusers configuration?
If the Windows machine use "send all traffic through VPN", then openswan
needs a rightsubnet=0.0.0.0/0" option.
> >From a Linux client (openswan 2.4.4, IPsec only) all works fine, because it
> only routes 10.0.0.X packets through the tunnel anyway.
So this seems to suggest you do not tunnel all traffic through the VPN, so
you will need to have your users unselect "send all traffic over VPN".
It is somewhere in the advacned tab of the VPN's TCP/IP properties page.
More information about the Users