Re: vpnc and determining correct routes

From: Thomas Liebetraut <thomas tommie-lie de>
To: networkmanager-list gnome org
Subject: Re: vpnc and determining correct routes
Date: Mon, 23 Oct 2006 15:50:28 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Stefan Schmidt schrieb:
> Right cisco vpn pushes them out to the clients. Because of this fact,
> I would prefer to let vpnc pushes the routes via dbus and nm can
> decide how to handle. Perhaps somebody like to overwrite this route
> given by his company.
Definitely! I don't want to completely remove the "Only use VPN
connection for these addresses" option but still leave it, either as
additional routes or as an override for the broadcasted routes, if the
user knows what he does.
I'm especially thinking about configurations where traffic is blocked
based on IPSec group name. When the gateway is configured in a way that
it only allows traffic that goes to the subnet of the VPN, NM's current
behaviour would break all other connections, making it only possible for
the user to connect to hosts that have a IP in the VPN's subnet.

For instance, I can't connect to my SMTP server if I'm connected to the
VPN via NM (this may have other reasons than blocked traffic at the
university's gateway, though).

Regards,
Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFPMhsxVmZpTAq4IgRAjqwAJ4hWdjq0F1kyJoxzGZ4Bqzs7iVJ3gCcDzR/
AhJkXmDv7EsK4gtJU+/ml3U=
=IUtc
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: vpnc and determining correct routes
  - From: Stefan Schmidt

References:
- vpnc and determining correct routes
  - From: Thomas Liebetraut
- Re: vpnc and determining correct routes
  - From: Stefan Schmidt

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]