[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Routing problem with openvpn and host client

  • Subject: Re: [Openvpn-users] Routing problem with openvpn and host client
  • From: Franco Spinelli <frspin@xxxxxxxxxx>
  • Date: Sat, 06 Mar 2004 20:09:13 +0100

Il sab, 2004-03-06 alle 19:00, Renato Salles ha scritto:
> Franco,
> Remember the route decision in the "client" peer: which interface will i
> use to reach the network (actually it's using eth0 instead
> tun0)

In client route I have an explicit route to (destination
machine) by on interface tun0. is end-tunnel IP of
client side

Ping packets go from to by tunnel as:

on client:

PING ( 56(84) bytes of data.
Capturing on tun0
  0.000000 ->  ICMP Echo (ping) request
  1.019051 ->  ICMP Echo (ping) request
  2.019062 ->  ICMP Echo (ping) request

And on the other end of tunnel (on server) I get:

Capturing on tun0
  0.000000 ->  ICMP Echo (ping) request
  1.014848 ->  ICMP Echo (ping) request
  2.015098 ->  ICMP Echo (ping) request

and source address is client side of tunnel

So, I suppose, problem is on server side. On server arrive a icmp
request for which is a machine on local LAN - Same request
is present on eth0 interface (interface of LAN)

Capturing on eth0
 58.373584 ->  ICMP Echo (ping) request
 59.385930 ->  ICMP Echo (ping) request

with a source address IP of client side of tunnel. In this position I
expect a source IP like "private IP" of client, not tunnel IP

Packets then go to also with a source address of,
original openvpn address of client side. On this machine there is no
route for (obvously) and icmp response can reach client side.

So complete path is.

client ----->tun0 on client->tun0 on server---->LAN------>target machine
but source address is always

Where I am wrong ?? I have to masquerade also network ?

Franco Spinelli

Openvpn-users mailing list