[ILUG] OpenVPN
Thomas Pedoussaut
thomas at pedoussaut.com
Thu Sep 2 16:19:13 IST 2010
Hi Kevin,
why do you bother with routing. If the only communication you need is
between the 2 machine at each end of the tunnel, just use their 10.8.x.x
addresses.
And if you want to link a machine to a site, just push a route to your
site LAN like:
push "route 192.168.200.0 255.255.255.0"
On 02/09/10 16:14, kevin wrote:
> I am trying to set up an openvpn connection between our main server and
> the off-site backup server. Something nice and simple with a static key.
> I seem to get a connection but have a routing problem.
>
> The config file is
>
> port 1194
> dev tun
> ifconfig 10.8.0.1 10.8.0.2
> secret /etc/openvpn/static.key
> keepalive 10 60
> persist-tun
> persist-key
> comp-lzo
> tun-mtu 1500
> script-security 2
> route-up "route delete -net 192.168.200.0"
> route-up "route add -net 192.168.200.0 netmask 255.255.255.0 dev tun0"
> verb 5
> status openvpn-status.log
>
> The routing table comes up with:
>
> Kernel IP routing table - with VPN up
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0
> tun0
> 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth1
> 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0
> eth1
>
> What happened to the route 192.168.200.0
>
>
More information about the ILUG
mailing list