|
|
Matthew Mastracci wrote: Basically, any traffic from the VPN server to the office PCs goes to the firewall, then gets routed to the appropriate computer. When the office PCs try to talk back to the VPN'd PCs, the traffic goes to the firewall, gets routed to the VPN box by the static route and then send back across the tunnel. Actually, it works even better than that. Traffic arriving over the VPN and being delivered to a station on the LAN will just be delivered directly to that station, not to the firewall. Reply traffic from that station will initially go to the firewall, but then the firewall will issue an ICMP Redirect to the station telling it that it can send traffic for that (remote) IP address directly to the VPN gateway. Assuming the station's OS is smart enough to handle the ICMP Redirect (most are), future traffic will go directly between the station and the VPN gateway, in both directions. ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |