[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Help needed to configure OpenVPN

  • Subject: Re: [Openvpn-users] Help needed to configure OpenVPN
  • From: Markus Feilner <lists@xxxxxxxxxxxxxx>
  • Date: Mon, 13 Aug 2007 13:00:02 +0200

Sorry Andrew, I forgot to CC: the list-

I hope that helped...

Am Freitag 10 August 2007 05:38:01 schrieb Andrew Chan:
> At Client PC A and B, I have to add extra static route to 444.444.444.100
> by issuing the following command.
> route ADD 444.444.444.0 MASK 333.333.333.100
> At Server B, I have to add a static route to reply query from the Client
> PCs.
> /sbin/route add -net netmask gw 333.333.333.100
> Is this what you mean?
> Then my question is that since they are not at the same subnet, I don't
> think I can add these static route right?

If I understand you right,
route ADD 444.444.444.0 MASK 333.333.333.100
should better be:
route ADD 444.444.444.0 MASK
because you want the routing through the tunnel, don't you?
The second: 
/sbin/route add -net netmask gw 333.333.333.100
is what you need on any local non-vpn-client to access the vpn hosts.
But it's mostly better not to open the VPN itself, but instead only routing to 
the networks behind the other tunnel endpoints. But that's a question of 
taste and security/strategy. 

Or am I wrong?


Best Regards - Mit freundlichen Gruessen
Markus Feilner
OpenVPN mailing lists