[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Weird route issue with VMWare


  • Subject: Re: [Openvpn-users] Weird route issue with VMWare
  • From: Jan Just Keijser <janjust@xxxxxxxxx>
  • Date: Fri, 18 Jan 2008 03:37:17 +0100

Hi Rida,

I just reread the entire thread and am still confused... can you please 
tell me/us

- on which server (incl IP address) the openvpn server is running
- what the subnet for the openvpn is (10.1.0.0/24, right?)
- what the subnet for vmnet8 is (10.8.0.0/24, right)

and/or could you post the output of
  netstat -rn
after the openvpn server has started.

cheers,

JJK

Rida wrote:
> Hi,
>  
> Yep, routing is enabled on the server (echo 1 > 
> /proc/sys/net/ipv4/ip_forward). I understand what you meant by the 
> route subnet pointing to itself. I removed the routes from the server 
> configuration (those pushed to the client) and... it still doesn't work.
>
> Regards,
> Rida.
>
> On Jan 12, 2008 3:09 AM, Jan Just Keijser <janjust@xxxxxxxxx 
> <mailto:janjust@xxxxxxxxx>> wrote:
>
>     Hi Rida,
>
>     I am not surprised that that route statement did not work: it's a
>     route
>     to a subnet pointing to itself!
>     If the host running the openvpn software is 10.8.0.1
>     <http://10.8.0.1/> itself then no
>     extra route statement should be required.
>     However, how vmware routes traffic between the different VMs is a
>     different matter; is routing enabled on the server?
>
>     HTH,
>
>     JJK
>
>     Rida wrote:
>     > Hi,
>     >
>     > Thanks for the quick answer. Actually, i tried to "fix" this
>     (because
>     > i've seen the tip in the openvpn faq), but impossible to add the
>     route
>     > on the virtual machines. ie "route add -net 10.1.0.0
>     <http://10.1.0.0/> <http://10.1.0.0 <http://10.1.0.0/>>
>     > netmask 255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0 <http://255.255.255.0/>> gw 10.1.0.1
>     <http://10.1.0.1/>
>     > <http://10.1.0.1 <http://10.1.0.1/>>" tells me "Network
>     unreachable" (but i can ping it
>     > from there). And yes, there is a default gateway ( 10.8.0.1
>     <http://10.8.0.1/>
>     > <http://10.8.0.1 <http://10.8.0.1/>>)
>     >
>     > Regards,
>     > Rida.
>     >
>     > On Jan 11, 2008 2:30 AM, Jan Just Keijser <janjust@xxxxxxxxx
>     <mailto:janjust@xxxxxxxxx>
>     > <mailto:janjust@xxxxxxxxx <mailto:janjust@xxxxxxxxx>>> wrote:
>     >
>     >     Hi Rida,
>     >
>     >     this does not sound like an VMware issue but more like a
>     routing
>     >     issue.
>     >     How would clients in the vmnet8 domain ( 10.8.0.128
>     <http://10.8.0.128/>
>     >     <http://10.8.0.128/ >) know where to send
>     >     stuff back to? Do they know that all packets intended for
>     10.1.0.6 <http://10.1.0.6/>
>     >     <http://10.1.0.6/>
>     >     should be fed back to the openvpn server? In most cases the
>     >     clients on
>     >     your LAN (vmnet LAN in this case) will not know any route
>     for the
>     >     10.1.0
>     >     net and will return packets thru the default gateway. Again,
>     in most
>     >     cases that is not what you want ;-)
>     >
>     >     HTH,
>     >
>     >     JJK
>     >
>     >     PS I use a openvpn-on-vmware setup all the time without
>     problems (tun
>     >     setup).
>     >
>     >
>     >     Rida wrote:
>     >     >
>     >     > Hello everybody,
>     >     >
>     >     > I want, first, to say thank you to all openvpn developers
>     for this
>     >     > very useful
>     >     > piece of software! Happy new year too.
>     >     >
>     >     > So, i got a very strange problem that is getting on my nerve
>     >     because i
>     >     > can't
>     >     > resolve the issue. I got vmware server running on a basic
>     server ;
>     >     > there is 1
>     >     > virtual network (in NAT mode). Here are the routes on the
>     server
>     >     > (after vmware
>     >     > and openvpn are started):
>     >     >
>     >     > 10.1.0.2 <http://10.1.0.2/> <http://10.1.0.2/>
>     <http://10.1.0.2 <http://10.1.0.2/> < http://10.1.0.2/>>
>     >     dev tun0  proto kernel  scope link  src
>     >     > 10.1.0.1 <http://10.1.0.1/> <http://10.1.0.1/> <
>     http://10.1.0.1 <http://10.1.0.1/> <http://10.1.0.1/>>
>     >     > 10.8.0.0/24 <http://10.8.0.0/24> < http://10.8.0.0/24> <
>     http://10.8.0.0/24> dev
>     >     vmnet8  proto kernel  scope link
>     >     > src 10.8.0.1 <http://10.8.0.1/> <http://10.8.0.1/> <
>     http://10.8.0.1 <http://10.8.0.1/> <http://10.8.0.1/>>
>     >     > <public-ip> dev eth0  proto kernel  scope link  src
>     <public-ip>
>     >     > 10.1.0.0/24 <http://10.1.0.0/24> < http://10.1.0.0/24> <
>     http://10.1.0.0/24> via
>     >     10.1.0.2 <http://10.1.0.2/> < http://10.1.0.2/>
>     <http://10.1.0.2 <http://10.1.0.2/> <http://10.1.0.2/>>
>     >     dev tun0
>     >     > default via 91.121.95.254 <http://91.121.95.254/>
>     <http://91.121.95.254/>
>     >     <http://91.121.95.254 <http://91.121.95.254/> <
>     http://91.121.95.254/>> dev eth0
>     >     >
>     >     > Nothing special then (the only thing to keep in mind is
>     that vmware
>     >     > uses source
>     >     > routing). I set up an openvpn server on the server (the
>     one with the
>     >     > public IP),
>     >     > and it is working fine, because i can connect to it and i
>     got an IP
>     >     > address on
>     >     > windows clients. Here's the server's configuration file:
>     >     >
>     >     > local <public-ip>
>     >     > port 1194
>     >     > proto tcp
>     >     > dev tun
>     >     > ca keys/ca.crt
>     >     > cert keys/server.crt
>     >     > key keys/server.key
>     >     > dh keys/dh1024.pem
>     >     > server 10.1.0.0 <http://10.1.0.0/> <http://10.1.0.0/> <
>     http://10.1.0.0 <http://10.1.0.0/>
>     >     <http://10.1.0.0/>> 255.255.255.0 <http://255.255.255.0/> <
>     http://255.255.255.0/>
>     >     <http://255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/>>
>     >     > ifconfig-pool-persist ipp.txt
>     >     > push "route 10.2.0.0 <http://10.2.0.0/> <http://10.2.0.0/
>     <http://10.2.0.0/>> <http://10.2.0.0 <http://10.2.0.0/>
>     >     <http://10.2.0.0/>> 255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/>
>     >     > <http://255.255.255.0 <http://255.255.255.0/> <
>     http://255.255.255.0/>>"
>     >     > push "route 10.8.0.0 <http://10.8.0.0/> <http://10.8.0.0/>
>     < http://10.8.0.0 <http://10.8.0.0/>
>     >     <http://10.8.0.0/>> 255.255.255.0 <http://255.255.255.0/> <
>     http://255.255.255.0/>
>     >     > <http://255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/>>"
>     >     > push "route-delay 2 600"
>     >     > client-to-client
>     >     > keepalive 10 120
>     >     > tls-auth keys/ta.key 0
>     >     > cipher AES-128-CBC # AES
>     >     > comp-lzo
>     >     > max-clients 250
>     >     > user nobody
>     >     > group nobody
>     >     > persist-key
>     >     > persist-tun
>     >     > status /var/log/openvpn-status.log
>     >     > log-append /var/log/openvpn.log
>     >     > verb 6
>     >     > mute 20
>     >     >
>     >     > Now the clients one:
>     >     >
>     >     > client
>     >     > dev tun0
>     >     > proto tcp
>     >     > remote 91.121.95.16 <http://91.121.95.16/>
>     <http://91.121.95.16/> < http://91.121.95.16 <http://91.121.95.16/>
>     >     <http://91.121.95.16/>> 1194
>     >     > resolv-retry infinite
>     >     > nobind
>     >     > persist-key
>     >     > persist-tun
>     >     > ca ca.crt
>     >     > cert client.crt
>     >     > key client.key
>     >     > ns-cert-type server
>     >     > tls-auth ta.key 1
>     >     > cipher AES-128-CBC # AES
>     >     > comp-lzo
>     >     > verb 3
>     >     >
>     >     > Still nothing special, these are basic configuration
>     files. Before
>     >     > i'll "draw" a
>     >     > network topology so you'll have a better idea of how vmware
>     >     implement
>     >     > their NAT
>     >     > (hope there is no error):
>     >     >
>     >     > [Windows client](10.1.0.6/30 <http://10.1.0.6/30> <
>     http://10.1.0.6/30>
>     >     <http://10.1.0.6/30 > tap) <->
>     >     > (10.1.0.5/30 <http://10.1.0.5/30> < http://10.1.0.5/30>
>     <http://10.1.0.5/30> tap gw)
>     >     <-> ( 10.1.0.2/24 <http://10.1.0.2/24> <http://10.1.0.2/24>
>     >     > < http://10.1.0.2/24> vpn
>     >     > real gw) <-> (10.1.0.1/24 <http://10.1.0.1/24>
>     <http://10.1.0.1/24> <
>     >     http://10.1.0.1/24> tun) [server]
>     >     > (10.8.0.1/24 <http://10.8.0.1/24> < http://10.8.0.1/24
>     <http://10.8.0.1/24>> <http://10.8.0.1/24> vmnet8)
>     >     <-> [virtual
>     >     > machine]( 10.8.0.128/24 <http://10.8.0.128/24>
>     <http://10.8.0.128/24>
>     >     <http://10.8.0.128/24> gw 10.8.0.1/24 <http://10.8.0.1/24>
>     <http://10.8.0.1/24 <http://10.8.0.1/24>>
>     >     > < http://10.8.0.1/24>)
>     >     >
>     >     > The virtual machine route is just a default gw to
>     10.8.0.1/24 <http://10.8.0.1/24>
>     >     <http://10.8.0.1/24>
>     >     > <http://10.8.0.1/24 < http://10.8.0.1/24>>. Routes on the
>     >     > client :
>     >     >
>     >     > Active Routes:
>     >     > Network Destination        Netmask          Gateway      
>     Interface
>     >     > Metric
>     >     >           0.0.0.0 <http://0.0.0.0/> <http://0.0.0.0/>
>     <http://0.0.0.0 <http://0.0.0.0/>
>     >     < http://0.0.0.0/>>          0.0.0.0 <http://0.0.0.0/>
>     <http://0.0.0.0/>
>     >     > < http://0.0.0.0 <http://0.0.0.0/> <http://0.0.0.0/>>    
>       192.168.0.1 <http://192.168.0.1/>
>     >     < http://192.168.0.1/> <http://192.168.0.1
>     <http://192.168.0.1/> <http://192.168.0.1/>>
>     >     192.168.0.117 <http://192.168.0.117/> <http://192.168.0.117/>
>     >     > < http://192.168.0.117 <http://192.168.0.117/> <
>     http://192.168.0.117/>>       25
>     >     >         10.1.0.0 <http://10.1.0.0/> <http://10.1.0.0/> <
>     http://10.1.0.0 <http://10.1.0.0/>
>     >     <http://10.1.0.0/>>     255.255.255.0
>     <http://255.255.255.0/> < http://255.255.255.0/>
>     >     > <http://255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/>>         10.1.0.5 <http://10.1.0.5/>
>     >     <http://10.1.0.5/> <http://10.1.0.5 <http://10.1.0.5/>
>     <http://10.1.0.5/ <http://10.1.0.5/>>>
>     >     > 10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/>
>     <http://10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/>>
>     >           1
>     >     >         10.1.0.4 <http://10.1.0.4/> < http://10.1.0.4/>
>     <http://10.1.0.4 <http://10.1.0.4/>
>     >     <http://10.1.0.4/>>   255.255.255.252
>     <http://255.255.255.252/> <http://255.255.255.252/>
>     >     > <http://255.255.255.252 <http://255.255.255.252/> <
>     http://255.255.255.252/>>
>     >     10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/> <
>     http://10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/>>
>     >     > 10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/
>     <http://10.1.0.6/>> < http://10.1.0.6 <http://10.1.0.6/>
>     >     <http://10.1.0.6/>>       30
>     >     >         10.1.0.6 <http://10.1.0.6/> < http://10.1.0.6/>
>     <http://10.1.0.6 <http://10.1.0.6/>
>     >     <http://10.1.0.6/>>   255.255.255.255
>     <http://255.255.255.255/> <http://255.255.255.255/>
>     >     > <http://255.255.255.255 <http://255.255.255.255/> <
>     http://255.255.255.255/>>
>     >      127.0.0.1 <http://127.0.0.1/> <http://127.0.0.1/> <
>     http://127.0.0.1 <http://127.0.0.1/> <http://127.0.0.1/>>
>     >     > 127.0.0.1 <http://127.0.0.1/> < http://127.0.0.1/>
>     <http://127.0.0.1 <http://127.0.0.1/>
>     >     <http://127.0.0.1/>>       30
>     >     >         10.8.0.0 <http://10.8.0.0/> < http://10.8.0.0/>
>     <http://10.8.0.0 <http://10.8.0.0/>
>     >     <http://10.8.0.0/>>     255.255.255.0
>     <http://255.255.255.0/> <http://255.255.255.0/>
>     >     > <http://255.255.255.0 <http://255.255.255.0/> <
>     http://255.255.255.0/>>         10.1.0.5 <http://10.1.0.5/>
>     >     <http://10.1.0.5/> < http://10.1.0.5 <http://10.1.0.5/>
>     <http://10.1.0.5/>>
>     >     > 10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/
>     <http://10.1.0.6/>> < http://10.1.0.6 <http://10.1.0.6/>
>     >     <http://10.1.0.6/>>       1
>     >     > ...
>     >     >
>     >     > Client's output:
>     >     >
>     >     > Thu Jan 10 00:25:21 2008 OpenVPN 2.0.9 Win32-MinGW [SSL]
>     [LZO] built
>     >     > on Oct  1
>     >     > 2006
>     >     > Thu Jan 10 00:25:21 2008 IMPORTANT: OpenVPN's default port
>     >     number is
>     >     > now 1194,
>     >     > based on an official port number assignment by IANA.  OpenVPN
>     >     > 2.0-beta16 and
>     >     > earlier used 5000 as the default port.
>     >     > Thu Jan 10 00:25:21 2008 Control Channel Authentication: using
>     >     > 'ta.key' as a
>     >     > OpenVPN static key file
>     >     > Thu Jan 10 00:25:21 2008 Outgoing Control Channel
>     Authentication:
>     >     > Using 160 bit
>     >     > message hash 'SHA1' for HMAC authentication
>     >     > Thu Jan 10 00:25:21 2008 Incoming Control Channel
>     Authentication:
>     >     > Using 160 bit
>     >     > message hash 'SHA1' for HMAC authentication
>     >     > Thu Jan 10 00:25:21 2008 LZO compression initialized
>     >     > Thu Jan 10 00:25:21 2008 Control Channel MTU parms [
>     L:1560 D:168
>     >     > EF:68 EB:0
>     >     > ET:0 EL:0 ]
>     >     > Thu Jan 10 00:25:21 2008 Data Channel MTU parms [ L:1560
>     D:1450
>     >     EF:60
>     >     > EB:135
>     >     > ET:0 EL:0 AF:3/1 ]
>     >     > Thu Jan 10 00:25:21 2008 Local Options hash (VER=V4):
>     '<hash>'
>     >     > Thu Jan 10 00:25:21 2008 Expected Remote Options hash
>     (VER=V4):
>     >     '<hash>'
>     >     > Thu Jan 10 00:25:21 2008 Attempting to establish TCP
>     connection with
>     >     > 91.121.95.16:1194 <http://91.121.95.16:1194/>
>     <http://91.121.95.16:1194/>
>     >     < http://91.121.95.16:1194 <http://91.121.95.16:1194/>
>     <http://91.121.95.16:1194/>>
>     >     > Thu Jan 10 00:25:21 2008 TCP connection established with
>     >     <public-ip>:1194
>     >     > Thu Jan 10 00:25:21 2008 TCPv4_CLIENT link local: [undef]
>     >     > Thu Jan 10 00:25:21 2008 TCPv4_CLIENT link remote:
>     <public-ip>:1194
>     >     > Thu Jan 10 00:25:21 2008 TLS: Initial packet from
>     <public-ip>:1194,
>     >     > sid=<hash>
>     >     > Thu Jan 10 00:25:22 2008 VERIFY OK: depth=1, <certificate fqn>
>     >     > Thu Jan 10 00:25:22 2008 VERIFY OK: nsCertType=SERVER
>     >     > Thu Jan 10 00:25:22 2008 VERIFY OK: depth=0, <certificate fqn>
>     >     > Thu Jan 10 00:25:25 2008 Data Channel Encrypt: Cipher
>     'AES-128-CBC'
>     >     > initialized
>     >     > with 128 bit key
>     >     > Thu Jan 10 00:25:25 2008 Data Channel Encrypt: Using 160 bit
>     >     message
>     >     > hash 'SHA1'
>     >     > for HMAC authentication
>     >     > Thu Jan 10 00:25:25 2008 Data Channel Decrypt: Cipher
>     'AES-128-CBC'
>     >     > initialized
>     >     > with 128 bit key
>     >     > Thu Jan 10 00:25:25 2008 Data Channel Decrypt: Using 160 bit
>     >     message
>     >     > hash 'SHA1'
>     >     > for HMAC authentication
>     >     > Thu Jan 10 00:25:25 2008 Control Channel: TLSv1, cipher
>     TLSv1/SSLv3
>     >     > DHE-RSA-AES256-SHA, 1024 bit RSA
>     >     > Thu Jan 10 00:25:25 2008 [client] Peer Connection
>     Initiated with
>     >     > <public-ip>:1194
>     >     > Thu Jan 10 00:25:27 2008 SENT CONTROL [client]: 'PUSH_REQUEST'
>     >     (status=1)
>     >     > Thu Jan 10 00:25:27 2008 PUSH: Received control message:
>     >     'PUSH_REPLY,route
>     >     > 10.8.0.0 <http://10.8.0.0/> <http://10.8.0.0/> <
>     http://10.8.0.0 <http://10.8.0.0/> <http://10.8.0.0/>>
>     >     255.255.255.0 <http://255.255.255.0/> < http://255.255.255.0/>
>     >     > < http://255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/>>,route-delay 2
>     >     600,route 10.1.0.0 <http://10.1.0.0/> <http://10.1.0.0/>
>     >     > <http://10.1.0.0 <http://10.1.0.0/> <http://10.1.0.0/>>
>     255.255.255.0 <http://255.255.255.0/>
>     >     <http://255.255.255.0/ <http://255.255.255.0/>>
>     <http://255.255.255.0 <http://255.255.255.0/>
>     >     <http://255.255.255.0/>>,ping
>     >     > 10,ping-restart 120,ifconfig 10.1.0.6 <http://10.1.0.6/>
>     <http://10.1.0.6/> <
>     >     http://10.1.0.6 <http://10.1.0.6/> <http://10.1.0.6/
>     <http://10.1.0.6/>>> 10.1.0.5 <http://10.1.0.5/> <http://10.1.0.5/>
>     >     > <http://10.1.0.5 <http://10.1.0.5/> < http://10.1.0.5/>>'
>     >     > Thu Jan 10 00:25:27 2008 OPTIONS IMPORT: timers and/or
>     timeouts
>     >     modified
>     >     > Thu Jan 10 00:25:27 2008 OPTIONS IMPORT: --ifconfig/up options
>     >     modified
>     >     > Thu Jan 10 00:25:27 2008 OPTIONS IMPORT: route options
>     modified
>     >     > Thu Jan 10 00:25:27 2008 TAP-WIN32 device [Local Area
>     Connection 5]
>     >     > opened:
>     >     > \\.\Global\{F71B3A07-5805-4B69-97C9-73926191180F}.tap
>     >     >
>     <file:////Global/%7BF71B3A07-5805-4B69-97C9-73926191180F%7D.tap>
>     >     > Thu Jan 10 00:25:27 2008 TAP-Win32 Driver Version 8.4
>     >     > Thu Jan 10 00:25:27 2008 TAP-Win32 MTU=1500
>     >     > Thu Jan 10 00:25:27 2008 Notified TAP-Win32 driver to set
>     a DHCP
>     >     > IP/netmask of
>     >     > 10.1.0.6/255.255.255.252 <http://10.1.0.6/255.255.255.252>
>     < http://10.1.0.6/255.255.255.252>
>     >     <http://10.1.0.6/255.255.255.252> on
>     >     > interface {F71B3A07-5805-4B69-97C9-73926191180F}
>     >     > [DHCP-serv: 10.1.0.5 <http://10.1.0.5/> <http://10.1.0.5/>
>     <http://10.1.0.5 <http://10.1.0.5/>
>     >     <http://10.1.0.5/> >, lease-time: 31536000]
>     >     > Thu Jan 10 00:25:27 2008 Successful ARP Flush on interface [7]
>     >     > {F71B3A07-5805-4B69-97C9-73926191180F}
>     >     > Thu Jan 10 00:25:29 2008 TEST ROUTES: 0/0 succeeded len=3
>     ret=0 a=0
>     >     > u/d=down
>     >     > Thu Jan 10 00:25:29 2008 Route: Waiting for TUN/TAP
>     interface to
>     >     come
>     >     > up...
>     >     > Thu Jan 10 00:25:31 2008 TEST ROUTES: 3/3 succeeded len=3
>     ret=1
>     >     a=0 u/d=up
>     >     > Thu Jan 10 00:25:31 2008 route ADD 10.8.0.0
>     <http://10.8.0.0/> < http://10.8.0.0/>
>     >     <http://10.8.0.0 <http://10.8.0.0/> <http://10.8.0.0/>> MASK
>     >     > 255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/> < http://255.255.255.0 <http://255.255.255.0/>
>     >     <http://255.255.255.0/>> 10.1.0.5 <http://10.1.0.5/>
>     <http://10.1.0.5/ <http://10.1.0.5/>>
>     >     <http://10.1.0.5 <http://10.1.0.5/> <http://10.1.0.5/>>
>     >     > Thu Jan 10 00:25:31 2008 Route addition via IPAPI succeeded
>     >     > Thu Jan 10 00:25:31 2008 route ADD 10.1.0.0
>     <http://10.1.0.0/> < http://10.1.0.0/> <
>     >     http://10.1.0.0 <http://10.1.0.0/> <http://10.1.0.0/>> MASK
>     >     > 255.255.255.0 <http://255.255.255.0/>
>     <http://255.255.255.0/> <http://255.255.255.0 <http://255.255.255.0/>
>     >     < http://255.255.255.0/>> 10.1.0.5 <http://10.1.0.5/>
>     <http://10.1.0.5/>
>     >     < http://10.1.0.5 <http://10.1.0.5/> <http://10.1.0.5/>>
>     >     > Thu Jan 10 00:25:31 2008 Route addition via IPAPI succeeded
>     >     > Thu Jan 10 00:25:31 2008 Initialization Sequence Completed
>     >     >
>     >     > Now the issue... From the client, i can ping 10.1.0.5
>     <http://10.1.0.5/>
>     >     <http://10.1.0.5/>
>     >     > <http://10.1.0.5 <http://10.1.0.5/> <http://10.1.0.5/>>
>     (tap gw), 10.1.0.1 <http://10.1.0.1/>
>     >     <http://10.1.0.1/ <http://10.1.0.1/>> <http://10.1.0.1
>     <http://10.1.0.1/> <http://10.1.0.1/>> (vpn
>     >     > gw), 10.8.0.1 <http://10.8.0.1/> <http://10.8.0.1/>
>     <http://10.8.0.1 <http://10.8.0.1/>
>     >     <http://10.8.0.1/>> (vmnet8, but on server's side) but not
>     >     > in vmnet8's network
>     >     > ( 10.8.0.128 <http://10.8.0.128/> <http://10.8.0.128/>
>     <http://10.8.0.128 <http://10.8.0.128/>
>     >     <http://10.8.0.128/>> for example).
>     >     >
>     >     > I've tried everything.... Here are some:
>     >     > * Set up a virtual interface (on eth0:0) with IP 10.1.0.1
>     <http://10.1.0.1/>
>     >     <http://10.1.0.1/>
>     >     > < http://10.1.0.1 <http://10.1.0.1/> <http://10.1.0.1/>>,
>     >     > * Put the openvpn network in vmware's network subnet (i think
>     >     openvpn
>     >     > won't
>     >     > understand, well it didn't work anyway),
>     >     > * pushed gw for routes to the client (the client is slow
>     to connect
>     >     > and tells me
>     >     > that the gw doesn't exists)
>     >     >
>     >     > I'm lost. Please help.
>     >     >
>     >
>

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users