Date:      Wed, 11 May 2011 15:33:12 -0700 (PDT)
From:      Bill Tillman <btillman99@yahoo.com>
To:        freebsd-questions@freebsd.org
Subject:   OpenVPN Setup
Message-ID:  <255857.25990.qm@web36501.mail.mud.yahoo.com>
In-Reply-To: <207183.59415.qm@web36504.mail.mud.yahoo.com>
References:  <207183.59415.qm@web36504.mail.mud.yahoo.com>

Thanks again for all the great tips on OpenVPN setup. I think it's about ready
for real deployment but I have a couple more questions.

My OpenVPN server (10.0.0.254) is inside my LAN behind another FreeBSD
router/gateway (10.0.0.253) which is running IPFW+NATD and handles the LAN's
connection to the cable modem. All that is running fine.

In the docs I read it told me to turn forwarding on at the OpenVPN server
(10.0.0.254) as well, effectively turning it into another gateway. I was
wondering if this could be avoided, assuming the docs I read were about a setup
where the VPN server was right off the Internet and was needed as the gateway.

I added this route to the FreeBSD router (10.0.0.253) which on my LAN is the
machine right off the cable modem:

    route add -net 10.8.0.0/24 10.0.0.254

This made everything work but I'd like to ask if this is the most efficient way
of setting up the routing table on the router (10.0.0.253).

When I check the routing tables on the OpenVPN server with netstat -nr I see
this info:

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.0.0.253         UGS         0    31257   bge0
10.0.0.0/24        link#3             U           1   101587   bge0
10.0.0.254         link#3             UHS         0        0    lo0
10.8.0.0/24        10.8.0.2           UGS         0    33716   tun0
10.8.0.1           link#5             UHS         0        2    lo0
10.8.0.2           link#5             UH          0        0   tun0
127.0.0.1          link#4             UH          0      472    lo0

I'm curious as to why the 3rd entry shows the route for 10.8.0.0/24 goes through
10.8.0.2 as its gateway. 10.8.0.2 is not pingable in this setup.
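
Added example, not part of the original message: a small Python check that parses the netstat -nr table posted above and applies longest-prefix matching, so you can confirm which gateway and interface each destination selects on the OpenVPN server. The addresses 10.8.0.6, 10.0.0.5 and 192.0.2.10 are constructed sample destinations, and the function names are hypothetical.

```python
import ipaddress

# Routing table as posted in the message above (netstat -nr on the OpenVPN server).
NETSTAT = """\
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.0.0.253         UGS         0    31257   bge0
10.0.0.0/24        link#3             U           1   101587   bge0
10.0.0.254         link#3             UHS         0        0    lo0
10.8.0.0/24        10.8.0.2           UGS         0    33716   tun0
10.8.0.1           link#5             UHS         0        2    lo0
10.8.0.2           link#5             UH          0        0   tun0
127.0.0.1          link#4             UH          0      472    lo0
"""

def parse_routes(text):
    """Parse `netstat -nr` IPv4 rows into (network, gateway, flags, netif)."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or f[0] == "Destination":
            continue  # skip the header and anything that is not a route row
        dest = "0.0.0.0/0" if f[0] == "default" else f[0]
        # A destination without a prefix length is a host route (/32).
        net = ipaddress.ip_network(dest, strict=False)
        routes.append((net, f[1], f[2], f[5]))
    return routes

def lookup(routes, addr):
    """Longest-prefix match: return the most specific route covering addr."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def next_hop(routes, addr):
    """Return (gateway, interface) for addr, or None if no route matches."""
    route = lookup(routes, addr)
    return (route[1], route[3]) if route else None

if __name__ == "__main__":
    routes = parse_routes(NETSTAT)
    # Constructed destinations: a VPN client, a LAN host, an outside host,
    # and the tunnel peer address from the table.
    for addr in ("10.8.0.6", "10.0.0.5", "192.0.2.10", "10.8.0.2"):
        gw, netif = next_hop(routes, addr)
        print(f"{addr:12} -> via {gw:12} on {netif}")
```

Running the same lookup against the table from the router (10.0.0.253) shows whether VPN client addresses select the static route to 10.0.0.254 or fall through to the default route.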


