Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 26 Apr 2011 15:50:54 -0500
From:      Ryan Coleman <ryan.coleman@cwis.biz>
To:        Maciej Milewski <milu@dat.pl>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: OpenVPN routing
Message-ID:  <403698FF-F38D-4250-A1E5-FF2D6DE8DAFE@cwis.biz>
In-Reply-To: <201104261653.35417.milu@dat.pl>
References:  <6073BC9F-553D-41E2-AE42-341B61850EA7@cwis.biz> <BANLkTikvQRGiFS%2BvRu4_tk3aOsFt7zubwA@mail.gmail.com> <6ABDD9A5-E75D-4998-8D49-C89B280F32D4@cwis.biz> <201104261653.35417.milu@dat.pl>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Apr 26, 2011, at 9:53 AM, Maciej Milewski wrote:

> On Tuesday 26 of April 2011 15:45:22, Ryan Coleman wrote:
>> I have a bridge set up, pingable... but can't ping the em1 =
(192.168.46.2)=20
> from the remote machine.
> ...
>> push "route 192.168.47.0 255.255.255.0"
>=20
> Have you tried adding the route to 192.168.46.0/24 subnet into the vpn =
client?
>=20
> You want to ping the host/interface on different subnet. If you don't =
set the=20
> routing to this subnet how your client should know that he needs to =
put that=20
> packet through tap interface not defaultroute which I suspect is =
different?=20
>=20
> Can you show the output of netstat -rn of the vpn client?
>=20
> You may try to look into tcpdump on the vpn router to find what is =
going with=20
> your packets.And for such scenario like vpnclient->vpnserver->network =
you may=20
> even not need nat just simple routing will be enough as long as you =
set it up=20
> on right.
>=20
> My setup is based on tun interfaces and works like a charm. I don't =
use nat=20
> and I only added routing info to the specific routers in the internal=20=

> networks.
>=20
> Maciej Milewski

I'm going to have to get this information when I get home and am not on =
the office LAN. I can do ping tests specifically through the tap0 =
interface but not check the netstat report properly from inside the =
network.

--
Ryan

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?403698FF-F38D-4250-A1E5-FF2D6DE8DAFE>