<m.roth at ...> writes: > > Hi, Dave, > > dave at ... wrote: > > > > Where I work uses the Shrew Soft VPN client to access remote resources. I > > have found pre-built rpms for EL5, various versions of Fedora, and > > appropriate packages for non-rpm based distros but no rpm for EL6. I have > > downloaded the source from Shrew Soft and built "my own" which built and > > installed with no errors but then didn't work. I'm finally taking the > <snip> > > same configuration and user connects under EL6 (confirmed on the VPN > > server) but is unusable (e.g., I can't ping known systems). > > I think I'd try tcpdump, or some other tool, and see what's happening. > > mark > I ran tcpdump on my gateway's interface to the the 'net while running a ping on the client. I could see what I'm pretty sure were the ping returns (hard to tell since it's VPN traffic). I'll move the tcpdump to watching what goes from the gateway to the VPN client although the VPN traffic will then be mixed in with any other non-VPN traffic between the client and my gateway. I can cut back on this traffic but I can't stop it or filter it the way I cann at the gateway's exterior NIC. I'm pretty sure the problem has to do with the VPN stack on the VPN client. The FC16 box uses the same client and the same configuration to successfully connect to the VPN and access remote systems but there are several dependent libraries that are newer on the FC16 platform (I tried installing the FC16 rpm on my EL6 box to 1) see if it would install and 2) see what dependencies changed). There could be something wrong with how the outbound packets get built but then I probably wouldn't have seen the pings coming back. Cheers, Dave