|
|
I'm not completely sure that I understand what you're trying to do, so stop me if I misunderstood something. Should the systems behind gatewayA and gatewayB be able to access the servers at 10.2.0.0/24? Should systems on the 10.2.0.0/24 segment be able to individually address the systems behind gatewayA and gatewayB? I agree that you'll need to NAT connections going over the VPN to the servers via the gateways -- the only alternative to that is putting the sites on separate address space. If you're getting errors indicating that the packets going over the tun adapter are trying to use the gateway's eth0 address (rather than its tun0 address), that's an issue with your nat configuration you'll need to figure out how to resolve on your own; you should be masquerading to the address of the gateway's tun adapter. If you don't mind the NAT making it impossible for the servers to distinguish the individual clients behind the gateways, it should indeed be possible to get everything into a position where it works. ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-08/msg00064.html on line 193 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-08/msg00064.html on line 193 |