|
|
On Mon, May 17, 2004 at 09:38:10PM +0200, Mathias Sundman wrote: > On Mon, 17 May 2004, Rainer Sokoll wrote: > > >>--redirect-gateway ['local'] > > ^^^^^^^^^ > >Overlooked this. > >Just another example for "haste ist waste" :-( > > I don't think that is the option you're looking for. 'local' should only > be used if both your client machine and server is located on the same > subnet. If I understood you correct you want the usual --redirect-gateway > behaivior but also remove the route to the local subnet. > > Using 'local' will only make openvpn NOT add a /32 route for your server > to your gateway, as it is supposted to be found on the local subnet. So > the local subnet route will still remain. > > I don't think it is possible to do what you want. Atleast not the way > openvpn is written right now. > > I'm not sure it is possible to do at all. The local subnet route is > usually added by the OS itself when you assign an IP address to an > interface based on the subnet mask specified. Maybe it's possible to > remove this route add just add a /32 route for the original default > gateway, before the route for the openvpn server is added. That would be > rather cool.. I had a similar issue (using openvpn 1.5) and solved it via up/down scripts. I have both a wired and wireless interface on my system and the wireless is being protected via openvpn. When I initiate the VPN I just remove the local subnet via the up script and I add it via the down script. In this case, I think a host route to the peer system will be needed though. Regards, Rob -- Rob S. Wolfram <rsw@xxxxxxxx> OpenPGP key 0xD61A655D Giraffiti, n.: Vandalism spray-painted very, very high. ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |