[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] pushing server network as route to client stops openvpn

  • Subject: Re: [Openvpn-users] pushing server network as route to client stops openvpn
  • From: Sascha Lucas <sascha.lucas@xxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 2 Dec 2005 16:25:21 +0100 (CET)
 After some seconds of thinking I beleave I just followed the Howto
 (http://openvpn.net/howto.html#scope). p2p works (nothing pushed). So I
 pushed the Servers net "route 129.69.90.128 255.255.255.248". I.e. to
 reach 129.69.90.130 via the VPN.

So, don't you understand that that will break the routing of the OpenVPN tunnel itself, or do you think that OpenVPN should always be smart enough to figure out that your server IP is part of the route you are trying to push so it would automatically add a host route for the server?

Yes, I understand! But I think the next one: OpenVPN should always be smart enough to discover that this pushed route includes the Servers IP.

Yes, when you use --redirect-gateway, there is always a host route added as it is always needed. When pushing normal routes, it´s rather uncommon to push the subnet that your server belongs to so no host route is added.

realy uncommon? What if your company has a class B Network (129.69.0.0/16), you place your VPN Server somewhere in this net and you want your clients to access 129.69.0.0/16 via the VPN-Tunnel?

I have a workaround for now:

I replaced push "route 129.69.0.0 255.255.0.0" with

push "route 129.69.0.0 255.255.192.0"
push "route 129.69.64.0 255.255.240.0"
push "route 129.69.80.0 255.255.248.0"
push "route 129.69.88.0 255.255.254.0"
push "route 129.69.90.0 255.255.255.128"
push "route 129.69.90.128 255.255.255.252"
push "route 129.69.90.132 255.255.255.255"
push "route 129.69.90.134 255.255.255.254"
push "route 129.69.90.136 255.255.255.248"
push "route 129.69.90.144 255.255.255.240"
push "route 129.69.90.160 255.255.255.224"
push "route 129.69.90.192 255.255.255.192"
push "route 129.69.91.0 255.255.255.0"
push "route 129.69.92.0 255.255.252.0"
push "route 129.69.96.0 255.255.224.0"
push "route 129.69.128.0 255.255.128.0"

just to exclude 129.69.90.133. This is .... not nice :-(

Sascha.

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00036.html on line 208

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00036.html on line 208