Fix for Shrew Soft VPN Client on CentOS6.8 to pass traffic


Post by dpsguard » 2017/01/15 20:22:34

Hello All,

I have the Shrewsoft VPN client working fine with Windows 7 and 10, and when I tried to use the same through a CentOS 6.8 desktop, it connected fine, the tunnel is established, the laptop gets the correct IP address from a Cisco ASA firewall, and the laptop routing table shows the route to the office network added through the tunnel interface, but I could not ping or pass any traffic to the office network. No issues with the Windows-based Shrewsoft VPN.

I used the following documents:

http://ask.xmodulo.com/install-shrew-so ... linux.html

Further research indicated that I need to update /etc/sysctl.conf to change the value to 0 from 1 for the following entries and then reboot.

net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0

That did fix my issues. But how this fixed it is not understood by me. Essentially this fix is overriding the default Linux kernel behaviour to check Reverse Path Forwarding, but with the VPN, and the route learned and installed, it already knows that the packet came from and will lead back to the same interface. Can someone please explain this very important concept for the benefit of many like me? Especially when the information in documents like the above, as well as the official ShrewSoft Linux install instructions, doesn't seem to cover this.

Thanks so much,
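
An added example, not part of the original post: a shell script that reports the rp_filter mode the kernel actually enforces on each interface, which per the kernel's ip-sysctl documentation is the maximum of the `all` value and the interface's own value. The function names and the `CONF_ROOT` variable are hypothetical names chosen for this example.

```shell
#!/bin/sh
# Report the rp_filter mode the kernel enforces on each interface.
# Per the kernel's ip-sysctl documentation, source validation on an
# interface uses the maximum of conf/all/rp_filter and
# conf/<interface>/rp_filter.
# 0 = no source validation, 1 = strict (RFC 3704), 2 = loose.

# CONF_ROOT is an assumption of this example: it lets the script be
# pointed at a copy of the tree; by default it reads the live values.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv4/conf}"

# effective_rp_filter IFACE -> prints 0, 1 or 2
effective_rp_filter() {
    all=$(cat "$CONF_ROOT/all/rp_filter" 2>/dev/null) || return 1
    own=$(cat "$CONF_ROOT/$1/rp_filter" 2>/dev/null) || return 1
    if [ "$own" -gt "$all" ]; then echo "$own"; else echo "$all"; fi
}

# mode_name VALUE -> prints a readable name for the mode
mode_name() {
    case "$1" in
        0) echo "off" ;;
        1) echo "strict" ;;
        2) echo "loose" ;;
        *) echo "unknown" ;;
    esac
}

# report -> one line per interface: "<iface> <effective value> <mode>"
report() {
    for dir in "$CONF_ROOT"/*/; do
        iface=$(basename "$dir")
        # "all" and "default" are settings templates, not interfaces;
        # "default" only seeds interfaces created later.
        case "$iface" in all|default) continue ;; esac
        eff=$(effective_rp_filter "$iface") || continue
        echo "$iface $eff $(mode_name "$eff")"
    done
}

report
```

Because the maximum is used, setting only one interface's value to 0 has no effect while `all` is still 1, and with `all` at 0 each interface can be set to 1 or 2 individually.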

