RE: [Openvpn-users] Routing?

["Milton R. Calnek" <mcalnek@xxxxxxxxxx>]

I tried that, and maybe I have something else configured incorrectly,
but it didn't work for me.  I was connecting two lans (as opposed to
connecting a host to a lan) and from inside one lan I was able to ping
and use DNS, but not anything that required TCP.  

But maybe I had something else configured incorrectly. 

I ended up putting the VPN stuff on the primary gateway where I wanted
it in the first place.

--
Milton Calnek
mcalnek@xxxxxxxxxx
+1 306 359 6939


-----Original Message-----
From: katsumi liquer [mailto:katsumi@xxxxxxxxx] 
Sent: Thursday, April 07, 2005 8:54 AM
To: Milton R. Calnek
Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Openvpn-users] Routing?

No, unfortunately it is not. However, due to insane time restraints on
the implementation of this tunnel, I decided to circumvent the problem
all together by configuring port forwarding on the VPN server to the
remote host I was trying to route to. This did the trick. A bit of a
hack, but.. se la vie.

In any case, being that the VPN server is not the gateway, I would
have to add a route on the gateway to the VPN subnet, right?

Thank you,
katsu

On Apr 7, 2005 10:49 AM, Milton R. Calnek <mcalnek@xxxxxxxxxx> wrote:
> >and B) I have to add a route on the local gateway to route the VPN
> >subnet to the OpenVPN server
> >
> >Is B correct? How would I go about doing that? Our gateway is a
> >separate machine, so I am assuming I would add some route like
> 
> Is your VPN server not the default gateway?
> 
> --
> Milton Calnek
> mcalnek@xxxxxxxxxx
> +1 306 359 6939
> 
> 
> -----Original Message-----
> From: katsumi liquer [mailto:katsumi@xxxxxxxxx]
> Sent: Wednesday, April 06, 2005 9:16 AM
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Subject: [Openvpn-users] Routing?
> 
> Hello Everyone,
> 
> I have configured a very simple OpenVPN tunnel across a WAN link. I
> can now ping the VPN adaptor on either side, and the link seems to be
> functioning properly. My last task is to allow the remote OpenVPN
> computer to access a machine on our local subnet.
> 
> Here are the configuration files:
> --------------------------------------------
> SITE A (LOCAL)
> dev tun
> 
> proto tcp-server
> 
> port 5010
> 
> show-net-up
> 
> ifconfig 10.8.0.1 10.8.0.2
> secret key.txt
> 
> push "route 10.0.0.0 255.255.255.0"
> 
> verb 5
> 
> -----------------------------------------
> SITE B (REMOTE)
> remote xxx.xxx.xxx.xxx
> 
> dev tun
> 
> port 5010
> proto tcp-client
> 
> show-net-up
> 
> ifconfig 10.8.0.2 10.8.0.1
> secret key.txt
> 
> verb 5
> 
> Now, according to the documentation, in order for me to facilitate the
> remote host access to the local subnet, I need to
> 
> A) add the push "route 10.0.0.0 255.255.255.0" to the local-server
> side configure, which I have done
> 
> and B) I have to add a route on the local gateway to route the VPN
> subnet to the OpenVPN server
> 
> Is B correct? How would I go about doing that? Our gateway is a
> separate machine, so I am assuming I would add some route like
> 
> route add 10.8.0.0 255.255.255.0 10.0.0.150 (depending on the type of
> OS)
> 
> Is this correct? I just wanted to check and get some opinions..  I
> don't have access to the gateway machine, so I am going to have to
> request a change.
> 
> I greatly appreciate any information at all! :)
> 
> Thank you very much,
> katsu
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real
users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
> 
> --
> DISCLAIMER: The information transmitted is intended only for the
> addressee and may contain confidential, proprietary and/or privileged
> material. Any unauthorized review, distribution or other use of or
> the taking of any action in reliance upon this information is
> prohibited. If you received this in error, please contact the sender
> and delete or destroy this message and any copies.
> 
> --
> This message has been scanned for viruses and dangerous content by
> MailScanner, and is believed to be clean.  MailScanner thanks transtec
> Computers for their support.
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real
users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_ide95&alloc_id396&opclick
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>

--
DISCLAIMER: The information transmitted is intended only for the 
addressee and may contain confidential, proprietary and/or privileged 
material. Any unauthorized review, distribution or other use of or 
the taking of any action in reliance upon this information is 
prohibited. If you received this in error, please contact the sender 
and delete or destroy this message and any copies.  

-- 
This message has been scanned for viruses and dangerous content by 
MailScanner, and is believed to be clean.  MailScanner thanks transtec 
Computers for their support.


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users