David G. Miller <dave at ...> writes: > > Les Mikesell <lesmikesell at ...> writes: > > On Fri, Feb 24, 2012 at 4:30 PM, David G. Miller <dave at ...> wrote: <SNIP> Recap: I could build and run the Shrew Soft VPN client but I couldn't get packets back to the application process. They made it to the NIC on the box running the application but something weeded them out rather than delivering them. After much Googling and advice from folks like Les as well as following the advice in other message postings (that didn't work), I finally found this article in the Shrew Soft VPN-help archive: http://lists.shrew.net/pipermail/vpn-help/2008-November/000950.html Using this advice, I now have the VPN running. The effect of setting the various values for rp_filter aren't immediate and the one specified (net.ipv4.conf.all.rp_filter) to set to zero was already zero (which is why I didn't think this was the problem). I decided to try setting all of the rp_filter values to zero and one or more of them did the trick. If anyone has any advice for figuring out the minimum set of rp_filter values that must be zero, I would love to hear it. In the "for what it's worth department" this was using an ike-2.1.7 rpm that was built from the FC-16 source rpm. I just downloaded the srpm and built it on my EL6 box using rpmbuild. Cheers, Dave