>I'd be inclined to
simplify things a bit: -
>
>Firstly don't push the gateway until you
have a reliable connection. Delete "push "redirect-gateway
def1""
Hmm accourding to the howto of openvpn, this is the way one sets
openvpn to route all client traffic trough the tunnel.
>
>Secondly don't try and assign IPs to your vpn by WINS until you
have sorted out a connection. OVPN will assign the >vpn
addresses. There are, I believe, ways to allow WINS to assign IPs in the
servers own LAN subnet, but there are >some
difficulties with tun adaptors in that you need to use /30 subnets. Is that why
you use 10.0.0.121] to
keep it >well away from LAN addresses?
The ip that is dropped is the IP of the client’s ip. That will
change when the client uses another network to access internet. But as I
said in another message. Upgrading openvpn to the latest release magically
fixed all my problems, so I’m guessing I met a bug that has been dealt
with.
>And thirdly I'm not sure you need your ccd file directive
(iroute 10.0.0.0 255.255.255.0) This is supposed to be telling >the
server where the clients LAN subnet is, but it is the same subnet as the VPN
which will be a problem. Have a >look
at http://openvpn.net/howto.html#scope,
which implies that this is needed if you want machines on the >client
LAN to have access to the server LAN. Again, keep it simple to begin with
Hehe. I’m not sure either. I put it there simply because I
was running out of ideas on how to fix my problems.
I removed the ccd line in my working config. And upgraded
openvpn to the latest release. It’s working now.
>There was a lot of discussion on point 2 and /30 subnets in this
mailing list. Review at >http://news.gmane.org/gmane.network.openvpn.user.
>
>Peter
Thanks for all your help :D