OpenVPN routing
Ryan Coleman
ryan.coleman at cwis.biz
Tue Apr 26 20:51:08 UTC 2011
On Apr 26, 2011, at 9:53 AM, Maciej Milewski wrote:
> On Tuesday 26 of April 2011 15:45:22, Ryan Coleman wrote:
>> I have a bridge set up, pingable... but can't ping the em1 (192.168.46.2)
> from the remote machine.
> ...
>> push "route 192.168.47.0 255.255.255.0"
>
> Have you tried adding the route to 192.168.46.0/24 subnet into the vpn client?
>
> You want to ping the host/interface on different subnet. If you don't set the
> routing to this subnet how your client should know that he needs to put that
> packet through tap interface not defaultroute which I suspect is different?
>
> Can you show the output of netstat -rn of the vpn client?
>
> You may try to look into tcpdump on the vpn router to find what is going with
> your packets.And for such scenario like vpnclient->vpnserver->network you may
> even not need nat just simple routing will be enough as long as you set it up
> on right.
>
> My setup is based on tun interfaces and works like a charm. I don't use nat
> and I only added routing info to the specific routers in the internal
> networks.
>
> Maciej Milewski
I'm going to have to get this information when I get home and am not on the office LAN. I can do ping tests specifically through the tap0 interface but not check the netstat report properly from inside the network.
--
Ryan
More information about the freebsd-questions
mailing list