[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] what does this route add do for openvpn?



On Wed, Jul 14, 2004 at 06:10:16PM +0800, Sam wrote:

> >>#!/bin/bash
> >>route add -net 10.0.0.0 netmask 255.255.255.0 gw $5
> >>
> >>Do I need to change the home.up script? I have a hard time to understand 
> >>the digit "5" at the end of the script.
> >>   
> >I don't understand most of your question, but the $5 I can shed light on:
> >it's substituted with whatever is the virtual IP of the remote tunnel
> >endpoint. It would be %5 in win32 (the fifth positional parameter of the
> >script).
> >
> you meant "gw $5" is the remote vpn endpoint rathar than local vpn end 
> point?

Yes. I didn't check the sample configs, but that route you have there only
appears to make sense if 10.0.0.0/24 is a physical network _behind_ the
other vpn endpoint.

I.e. in a topology like this:

{ 10.0.0.0/24 } - [10.0.0.x VPN server 192.168.0.1] - [192.168.0.2 VPN client]

If you wanted to reach 10.0.0.0/24 from the vpn client, you'd need route add
-net 10.0.0.0/24 gw 192.168.0.1, just like in the example above.

If 10.0.0.0/24 is the VPN network (instead of 192.168.0.0/30 as in my
example), you don't need that route at all, it will be added by openvpn
automatically.

You only need routes set in up scripts to tell the participants something
about the topology they don't already know.

Andras

-- 
                 Andras Korn <korn at chardonnay.math.bme.hu>
                 <http://chardonnay.math.bme.hu/~korn/>	QOTD:
        Stop repeating yourself. Try something original - like suicide.

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users