[CentOS] Shrew Soft VPN Client for CentOS 6

Tue Feb 28 04:53:52 UTC 2012
David G. Miller <dave at davenjudy.org>

David G. Miller <dave at ...> writes:

> Les Mikesell <lesmikesell at ...> writes:
> > On Fri, Feb 24, 2012 at 4:30 PM, David G. Miller <dave at ...> wrote:
Recap: I could build and run the Shrew Soft VPN client but I couldn't get
packets back to the application process.  They made it to the NIC on the box
running the application but something weeded them out rather than delivering 

After much Googling and advice from folks like Les as well as following the
advice in other message postings (that didn't work),  I finally found this
article in the Shrew Soft VPN-help archive:


Using this advice, I now have the VPN running.  The effect of setting the
various values for rp_filter aren't immediate and the one specified
(net.ipv4.conf.all.rp_filter) to set to zero was already zero (which is why I
didn't think this was the problem).  I decided to try setting all of the
rp_filter values to zero and one or more of them did the trick.

If anyone has any advice for figuring out the minimum set of rp_filter values
that must be zero, I would love to hear it.

In the "for what it's worth department" this was using an ike-2.1.7 rpm that 
was built from the FC-16 source rpm.  I just downloaded the srpm and built it 
on my EL6 box using rpmbuild.