Re: [Openvpn-users] Wrong network port

[Mike Meyer <mwm-dated-1152564896.b15660@xxxxxxxxx>]

In <19397.212.190.229.68.1152105402.squirrel@xxxxxxxxxxxxxxxxxxxxx>, Erestor Elensar <erestor.elensar@xxxxxxxxx> typed:
> I can ping all the machine from siteA (10.32.0.0/22) to siteB
> (10.32.16.0/24 )without any problems, but when i ping from a openvpn to a
> machine at the other site it end there with the ip address from the tunnel
> (10.32.101.2)!!!
> 
> How can i solve this ?

If I read this right (and I may not be), then what's going on is
normal behavior for a VPN, and not something that needs "solving", or
that can easily be changed.

The box that OpenVPN is running on adds an interace when the tunnel is
up - the interface at it's end of the tunnel. When a system with
multiple IP addresses sends out a packet, it pretty much has to label
it as from the IP address associated with the interface that it's
sending it out, as that's the only way to insure that the recipient of
the packet will be able to get a response back.

You can force connection to send use a different interfaces address as
the source address, and it will get routed to the correct
interface. However, that normally has to be done with each
connection. There may be a way to force all connection to use some
specific address, but that will be system-dependent.

So, that the packets use the ip address of the tunnel isn't a
problem. This may create problems for you elsewhere, but without
knowing what those are specifically, we can't help solve them.

	<mike
-- 
Mike Meyer <mwm@xxxxxxxxx>		http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users