Hi VPN gurus,
considering the following scenario - all openvpn-2.x.x, Linux, all using tun:
(please excuse the ugly ASCII drawing)
---- 192.168.1.1/24 --- eth0 ----
                    | Machine A |
                    |           |
                    |   tun0    |
                    | 10.100.0.4|
                    -------------
                          |
                          |
                    -------------
                    |           |
                    | Machine M |
                    |           |
                    -------------
                          |
                          |
                    -------------
                    | 10.100.0.8|
                    |    tun    |
                    | Machine B |                            -------------------------
                    ----eth0 ----192.168.2.1/24--- ROUTER -- |172.16.1.1/16 Machine D|
                                                             -------------------------
Machines A and B are behind some NATting firewalls, Machine M has got an official
IP address and is only being used to establish connectivity between A and B.
(this connectivity is working OK)
Machine A wants to access machine D via NAT/MASQUERADE on machine B.
B's default route is pointing to the left side of "ROUTER" and B can connect
to machine D.
A has got a route table entry to route dest 172.16.x.y via dev tun0,
but now on M the packets should get forwarded to machine B.
Question:
How to add an entry to the internal routing table of the openvpn2 instance running
on M so packets with destination 172.16.x.y are getting routed via machine B
and then NAT'ed via "ROUTER" to machine D?
(on M client-to-client is enabled)
I have already tried to add a static route on M like this:
    route add -net 172.16.0.0/16 gw 10.100.0.8
but this did not work - B was not connected while I tried though.
(SIOCADDRT: Network is unreachable)
Thanks for any help,
Konrad
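
One way to set up the routing asked about above, as an added example that is not part of the original post: OpenVPN's own routing table on M is filled from per-client iroute entries, and B masquerades only the VPN-to-172.16.0.0/16 traffic. The ccd path, the common name "machine-b", the 10.100.0.0/24 VPN subnet and B's device name tun0 are assumptions; A keeps the route via tun0 that it already has.

```conf
# --- Machine M: additions to the OpenVPN server config ---
# (client-to-client is already enabled, as stated in the post)
# Directory holding one file per client; the path is an assumption.
client-config-dir /etc/openvpn/ccd
# Kernel route on M, so M's own traffic for this network also enters the tunnel.
route 172.16.0.0 255.255.0.0

# --- Machine M: file /etc/openvpn/ccd/machine-b ---
# The file name must equal the common name in B's certificate;
# "machine-b" is a hypothetical name.
# iroute tells OpenVPN's internal router that 172.16.0.0/16 lies behind this client.
# The entry exists only while B is connected.
iroute 172.16.0.0 255.255.0.0

# --- Machine B: commands run as root (shown as comments, not OpenVPN directives) ---
# Enable forwarding between tun0 and eth0:
#   sysctl -w net.ipv4.ip_forward=1
# Masquerade only VPN clients (assumed 10.100.0.0/24) going to D's network:
#   iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -d 172.16.0.0/16 -o eth0 -j MASQUERADE
# Forward only that traffic, plus replies to it:
#   iptables -A FORWARD -i tun0 -o eth0 -s 10.100.0.0/24 -d 172.16.0.0/16 -j ACCEPT
#   iptables -A FORWARD -i eth0 -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
```

Scoping the MASQUERADE and FORWARD rules to the VPN subnet and the 172.16.0.0/16 destination keeps B from becoming a general-purpose gateway for every VPN client.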